Re: ad1848 double free

From: Takashi Iwai
Date: Mon Mar 06 2006 - 08:49:43 EST

Next message: Mathieu Chouquet-Stringer: "Re: Problem on Alpha with "convert to generic irq framework""
Previous message: Yu, Luming: "RE: [PATCH 2.6.15.3 1/1] ACPI: Atlas ACPI driver"
In reply to: Dave Jones: "ad1848 double free"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At Mon, 6 Mar 2006 03:58:18 -0500,
Dave Jones wrote:
>
> Same again, snd_ctl_add() already kfree's on error.
>
> Coverity #956
> Signed-off-by: Dave Jones <davej@xxxxxxxxxx>
>
> --- linux-2.6/sound/isa/ad1848/ad1848_lib.c~ 2006-03-06 03:57:22.000000000 -0500
> +++ linux-2.6/sound/isa/ad1848/ad1848_lib.c 2006-03-06 03:57:30.000000000 -0500
> @@ -1202,10 +1202,8 @@ int snd_ad1848_add_ctl(struct snd_ad1848
> strlcpy(ctl->id.name, name, sizeof(ctl->id.name));
> ctl->id.index = index;
> ctl->private_value = value;
> - if ((err = snd_ctl_add(chip->card, ctl)) < 0) {
> - snd_ctl_free_one(ctl);
> + if ((err = snd_ctl_add(chip->card, ctl)) < 0)
> return err;
> - }
> return 0;
> }

Yep, both fixes for sb_mixer.c and ad1848_lib.c are correct.
I also wanted to start fixing them since Andrew reported a similar bug
in core/control.c, but you are much faster :) Thanks!

Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>

Takashi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mathieu Chouquet-Stringer: "Re: Problem on Alpha with "convert to generic irq framework""
Previous message: Yu, Luming: "RE: [PATCH 2.6.15.3 1/1] ACPI: Atlas ACPI driver"
In reply to: Dave Jones: "ad1848 double free"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]