Fixes the following errors: drivers/gpu/drm/exynos/exynos_drm_drv.c:182 exynos_drm_open() error: double free of 'file_priv' drivers/gpu/drm/exynos/exynos_drm_drv.c:188 exynos_drm_open() error: dereferencing freed memory 'file_priv'
Signed-off-by: Sachin Kamat sachin.kamat@linaro.org --- drivers/gpu/drm/exynos/exynos_drm_drv.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/drivers/gpu/drm/exynos/exynos_drm_drv.c b/drivers/gpu/drm/exynos/exynos_drm_drv.c index 9d096a0..215131a 100644 --- a/drivers/gpu/drm/exynos/exynos_drm_drv.c +++ b/drivers/gpu/drm/exynos/exynos_drm_drv.c @@ -171,22 +171,24 @@ static int exynos_drm_open(struct drm_device *dev, struct drm_file *file) file->driver_priv = file_priv;
ret = exynos_drm_subdrv_open(dev, file); - if (ret) { - kfree(file_priv); - file->driver_priv = NULL; - } + if (ret) + goto out;
anon_filp = anon_inode_getfile("exynos_gem", &exynos_drm_gem_fops, NULL, 0); if (IS_ERR(anon_filp)) { - kfree(file_priv); - return PTR_ERR(anon_filp); + ret = PTR_ERR(anon_filp); + goto out; }
anon_filp->f_mode = FMODE_READ | FMODE_WRITE; file_priv->anon_filp = anon_filp;
return ret; +out: + kfree(file_priv); + file->driver_priv = NULL; + return ret; }
static void exynos_drm_preclose(struct drm_device *dev,
Hi Inki,
Does this patch look good now?
On 16 January 2014 11:31, Sachin Kamat sachin.kamat@linaro.org wrote:
Fixes the following errors: drivers/gpu/drm/exynos/exynos_drm_drv.c:182 exynos_drm_open() error: double free of 'file_priv' drivers/gpu/drm/exynos/exynos_drm_drv.c:188 exynos_drm_open() error: dereferencing freed memory 'file_priv'
Signed-off-by: Sachin Kamat sachin.kamat@linaro.org
drivers/gpu/drm/exynos/exynos_drm_drv.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/drivers/gpu/drm/exynos/exynos_drm_drv.c b/drivers/gpu/drm/exynos/exynos_drm_drv.c index 9d096a0..215131a 100644 --- a/drivers/gpu/drm/exynos/exynos_drm_drv.c +++ b/drivers/gpu/drm/exynos/exynos_drm_drv.c @@ -171,22 +171,24 @@ static int exynos_drm_open(struct drm_device *dev, struct drm_file *file) file->driver_priv = file_priv;
ret = exynos_drm_subdrv_open(dev, file);
if (ret) {kfree(file_priv);file->driver_priv = NULL;}
if (ret)goto out; anon_filp = anon_inode_getfile("exynos_gem", &exynos_drm_gem_fops, NULL, 0); if (IS_ERR(anon_filp)) {
kfree(file_priv);return PTR_ERR(anon_filp);
ret = PTR_ERR(anon_filp);goto out; } anon_filp->f_mode = FMODE_READ | FMODE_WRITE; file_priv->anon_filp = anon_filp; return ret;+out:
kfree(file_priv);file->driver_priv = NULL;return ret;}
static void exynos_drm_preclose(struct drm_device *dev,
1.7.9.5
-----Original Message----- From: Sachin Kamat [mailto:sachin.kamat@linaro.org] Sent: Tuesday, January 21, 2014 12:16 PM To: dri-devel@lists.freedesktop.org Cc: Inki Dae; Sachin Kamat; Patch Tracking Subject: Re: [PATCH v2 1/1] drm/exynos: Fix freeing issues in exynos_drm_drv.c
Hi Inki,
Does this patch look good now?
Sorry for being late.
Applied.
Thanks, Inki Dae
On 16 January 2014 11:31, Sachin Kamat sachin.kamat@linaro.org wrote:
Fixes the following errors: drivers/gpu/drm/exynos/exynos_drm_drv.c:182 exynos_drm_open() error: double free of 'file_priv' drivers/gpu/drm/exynos/exynos_drm_drv.c:188 exynos_drm_open() error: dereferencing freed memory 'file_priv'
Signed-off-by: Sachin Kamat sachin.kamat@linaro.org
drivers/gpu/drm/exynos/exynos_drm_drv.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/drivers/gpu/drm/exynos/exynos_drm_drv.c
b/drivers/gpu/drm/exynos/exynos_drm_drv.c
index 9d096a0..215131a 100644 --- a/drivers/gpu/drm/exynos/exynos_drm_drv.c +++ b/drivers/gpu/drm/exynos/exynos_drm_drv.c @@ -171,22 +171,24 @@ static int exynos_drm_open(struct drm_device *dev,
struct drm_file *file)
file->driver_priv = file_priv; ret = exynos_drm_subdrv_open(dev, file);
if (ret) {kfree(file_priv);file->driver_priv = NULL;}
if (ret)goto out; anon_filp = anon_inode_getfile("exynos_gem",
&exynos_drm_gem_fops,
NULL, 0); if (IS_ERR(anon_filp)) {
kfree(file_priv);return PTR_ERR(anon_filp);
ret = PTR_ERR(anon_filp);goto out; } anon_filp->f_mode = FMODE_READ | FMODE_WRITE; file_priv->anon_filp = anon_filp; return ret;+out:
kfree(file_priv);file->driver_priv = NULL;return ret;}
static void exynos_drm_preclose(struct drm_device *dev,
1.7.9.5
-- With warm regards, Sachin
dri-devel@lists.freedesktop.org
-
Inki Dae -
Sachin Kamat