Re: [PATCH] w1: w1-gpio: Fix double-free of platform_data

From: Evgeniy Polyakov
Date: Sat Apr 29 2017 - 12:45:41 EST

Next message: Dhiru Kholia: "[PATCH 1/1] staging: comedi: use __func__ instead of hardcoded function name"
Previous message: Sebastian Reichel: "Re: [PATCH 2/2] Add driver for MAX17211/MAX17215 fuel gauge"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Alexey

25.03.2017, 20:08, "Alexey Ignatov" <lexszero@xxxxxxxxx>:
> struct w1_gpio_platform_data was allocated using devres when using
> device tree. Then it was assigned to dev.platform_data, which leaded
> to double free on device removal by devres and by direct
> kfree(platform_data) in platform_device_release)

If this patch is still relevant, please add someone from device-tree into copy, I would think this bug
affect anyone and we see alot of bug reports since probe failure ends up with double free.

Also a nit:

> @@ -143,12 +141,12 @@ static int w1_gpio_probe(struct platform_device *pdev)
> ÂÂÂÂÂÂÂÂÂint err;
>
> ÂÂÂÂÂÂÂÂÂif (of_have_populated_dt()) {
> - err = w1_gpio_probe_dt(pdev);
> - if (err < 0)
> - return err;
> + pdata = w1_gpio_probe_dt(pdev);
> + if (IS_ERR(pdata) < 0)
> + return PTR_ERR(pdata);

IS_ERR() should not be used this way

Next message: Dhiru Kholia: "[PATCH 1/1] staging: comedi: use __func__ instead of hardcoded function name"
Previous message: Sebastian Reichel: "Re: [PATCH 2/2] Add driver for MAX17211/MAX17215 fuel gauge"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]