[PATCH v4] media: platform: mtk-mdp3: Add missing check and free for ida_alloc
From: Jiasheng Jiang
Date: Thu Feb 09 2023 - 08:53:04 EST
Add the check for the return value of the ida_alloc in order to avoid
NULL pointer dereference.
Moreover, free allocated "ctx->id" if mdp_m2m_open fails later in order
to avoid memory leak.
Fixes: 61890ccaefaf ("media: platform: mtk-mdp3: add MediaTek MDP3 driver")
Signed-off-by: Jiasheng Jiang <jiasheng@xxxxxxxxxxx>
---
Changelog:
v3 -> v4
1. Use ret to check the return value.
v2 -> v3:
1. Fix the goto label.
v1 -> v2:
1. Fix the check for the ida_alloc.
---
drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c b/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c
index 5f74ea3b7a52..8612a48bde10 100644
--- a/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c
+++ b/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c
@@ -566,7 +566,11 @@ static int mdp_m2m_open(struct file *file)
goto err_free_ctx;
}
- ctx->id = ida_alloc(&mdp->mdp_ida, GFP_KERNEL);
+ ret = ida_alloc(&mdp->mdp_ida, GFP_KERNEL);
+ if (ret < 0)
+ goto err_unlock_mutex;
+ ctx->id = ret;
+
ctx->mdp_dev = mdp;
v4l2_fh_init(&ctx->fh, vdev);
@@ -617,6 +621,8 @@ static int mdp_m2m_open(struct file *file)
v4l2_fh_del(&ctx->fh);
err_exit_fh:
v4l2_fh_exit(&ctx->fh);
+ ida_free(&mdp->mdp_ida, ctx->id);
+err_unlock_mutex:
mutex_unlock(&mdp->m2m_lock);
err_free_ctx:
kfree(ctx);
--
2.25.1