1. Patchew
  2. linux
  3. View series

[PATCH] media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled

Miaoqian Lin posted 1 patch 4 weeks, 1 day ago 
drivers/media/platform/renesas/rcar_drif.c | 1 +
1 file changed, 1 insertion(+)
[PATCH] media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled
Posted by Miaoqian Lin 4 weeks, 1 day ago 
The function calls of_parse_phandle() which returns
a device node with an incremented reference count. When the bonded device
is not available, the function
returns NULL without releasing the reference, causing a reference leak.

Add of_node_put(np) to release the device node reference.
The of_node_put function handles NULL pointers.

Found through static analysis by reviewing the doc of of_parse_phandle()
and cross-checking its usage patterns across the codebase.

Fixes: 7625ee981af1 ("[media] media: platform: rcar_drif: Add DRIF support")
Cc: stable@vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006@gmail.com>
---
 drivers/media/platform/renesas/rcar_drif.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/media/platform/renesas/rcar_drif.c b/drivers/media/platform/renesas/rcar_drif.c
index fc8b6bbef793..c5d676eb1091 100644
--- a/drivers/media/platform/renesas/rcar_drif.c
+++ b/drivers/media/platform/renesas/rcar_drif.c
@@ -1246,6 +1246,7 @@ static struct device_node *rcar_drif_bond_enabled(struct platform_device *p)
 	if (np && of_device_is_available(np))
 		return np;
 
+	of_node_put(np);
 	return NULL;
 }
 
-- 
2.35.1
Re: [PATCH] media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled
Posted by Geert Uytterhoeven 4 weeks, 1 day ago 
On Wed, 3 Sept 2025 at 15:37, Miaoqian Lin <linmq006@gmail.com> wrote:
> The function calls of_parse_phandle() which returns
> a device node with an incremented reference count. When the bonded device
> is not available, the function
> returns NULL without releasing the reference, causing a reference leak.
>
> Add of_node_put(np) to release the device node reference.
> The of_node_put function handles NULL pointers.
>
> Found through static analysis by reviewing the doc of of_parse_phandle()
> and cross-checking its usage patterns across the codebase.
>
> Fixes: 7625ee981af1 ("[media] media: platform: rcar_drif: Add DRIF support")
> Cc: stable@vger.kernel.org
> Signed-off-by: Miaoqian Lin <linmq006@gmail.com>

Reviewed-by: Geert Uytterhoeven <geert+renesas@glider.be>

Note that this is a duplicate of "[PATCH] media: rcar_drif: Fix an OF
node leak in rcar_drif_bond_enabled()", which was never applied.

[1] https://lore.kernel.org/20250105111050.3859712-1-joe@pf.is.s.u-tokyo.ac.jp

Gr{oetje,eeting}s,

                        Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds
Re: [PATCH] media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled
Posted by Markus Elfring 4 weeks, 1 day ago 
> Reviewed-by: Geert Uytterhoeven <geert+renesas@glider.be>

Are any description details still improvable?


> Note that this is a duplicate of "[PATCH] media: rcar_drif: Fix an OF
> node leak in rcar_drif_bond_enabled()", which was never applied.
> 
> [1] https://lore.kernel.org/20250105111050.3859712-1-joe@pf.is.s.u-tokyo.ac.jp

Would it be nicer (in principle) to integrate this patch finally?

Regards,
Markus

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.