1. Patchew
  2. linux
  3. View series

[PATCH] media: mediatek: vcodec: Fix a reference leak in mtk_vcodec_fw_vpu_init()

Haoxiang Li posted 1 patch 2 weeks, 3 days ago 
.../media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
[PATCH] media: mediatek: vcodec: Fix a reference leak in mtk_vcodec_fw_vpu_init()
Posted by Haoxiang Li 2 weeks, 3 days ago 
vpu_get_plat_device() increases the reference count of the returned
platform device. However, when devm_kzalloc() fails, the reference
is not released, causing a reference leak.

Fix this by calling put_device() on fw_pdev->dev before returning
on the error path.

Fixes: e25a89f743b1 ("media: mtk-vcodec: potential dereference of null pointer")
Cc: stable@vger.kernel.org
Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>
---
 .../media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c b/drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c
index d7027d600208..1c94316f2d7d 100644
--- a/drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c
+++ b/drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c
@@ -117,8 +117,10 @@ struct mtk_vcodec_fw *mtk_vcodec_fw_vpu_init(void *priv, enum mtk_vcodec_fw_use
 		vpu_wdt_reg_handler(fw_pdev, mtk_vcodec_vpu_reset_enc_handler, priv, rst_id);
 
 	fw = devm_kzalloc(&plat_dev->dev, sizeof(*fw), GFP_KERNEL);
-	if (!fw)
+	if (!fw) {
+		put_device(&fw_pdev->dev);
 		return ERR_PTR(-ENOMEM);
+	}
 	fw->type = VPU;
 	fw->ops = &mtk_vcodec_vpu_msg;
 	fw->pdev = fw_pdev;
-- 
2.25.1
Re: [PATCH] media: mediatek: vcodec: Fix a reference leak in mtk_vcodec_fw_vpu_init()
Posted by AngeloGioacchino Del Regno 2 weeks, 1 day ago 
Il 15/09/25 14:09, Haoxiang Li ha scritto:
> vpu_get_plat_device() increases the reference count of the returned
> platform device. However, when devm_kzalloc() fails, the reference
> is not released, causing a reference leak.
> 
> Fix this by calling put_device() on fw_pdev->dev before returning
> on the error path.
> 
> Fixes: e25a89f743b1 ("media: mtk-vcodec: potential dereference of null pointer")
> Cc: stable@vger.kernel.org
> Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>

Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com>
Re: [PATCH] media: mediatek: vcodec: Fix a reference leak in mtk_vcodec_fw_vpu_init()
Posted by Tzung-Bi Shih 2 weeks, 2 days ago 
On Mon, Sep 15, 2025 at 08:09:38PM +0800, Haoxiang Li wrote:
> vpu_get_plat_device() increases the reference count of the returned
> platform device. However, when devm_kzalloc() fails, the reference
> is not released, causing a reference leak.
> 
> Fix this by calling put_device() on fw_pdev->dev before returning
> on the error path.
> 
> Fixes: e25a89f743b1 ("media: mtk-vcodec: potential dereference of null pointer")
> Cc: stable@vger.kernel.org
> Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>

The reference, taking via of_find_device_by_node(), needs to be dropped after
use.  mtk_vcodec_vpu_release() does but the error handling path doesn't.

Reviewed-by: Tzung-Bi Shih <tzungbi@kernel.org>
Re: [PATCH] media: mediatek: vcodec: Fix a reference leak in mtk_vcodec_fw_vpu_init()
Posted by Markus Elfring 2 weeks, 2 days ago 
…
> Fix this by calling put_device() on fw_pdev->dev before returning
> on the error path.

How do you think about to increase the application of scope-based resource management?

Regards,
Markus

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.