Signed-off-by: Biancaa Ramesh <biancaa2210329@ssn.edu.in>
[PATCH] media: cx18: fix potential double free in cx18_stream_alloc
The function cx18_stream_alloc() may free buf->buf and buf multiple times
if dma_mapping_error() occurs. This patch:
- Adds checks before kfree() to avoid double free
- Sets pointers to NULL after free to make accidental double free less likely
- Improves overall memory safety and robustness in error paths
---
drivers/media/pci/cx18/cx18-queue.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/drivers/media/pci/cx18/cx18-queue.c b/drivers/media/pci/cx18/cx18-queue.c
index eeb5513b1d52..025ba4e6e4be 100644
--- a/drivers/media/pci/cx18/cx18-queue.c
+++ b/drivers/media/pci/cx18/cx18-queue.c
@@ -383,9 +383,16 @@ int cx18_stream_alloc(struct cx18_stream *s)
buf->buf, s->buf_size,
s->dma);
if (dma_mapping_error(&s->cx->pci_dev->dev, buf->dma_handle)) {
- kfree(buf->buf);
+ if (buf) {
+ if (buf->buf){
+ kfree(buf->buf);
+ buf->buf =NULL;
+ }
+ kfree(buf);
+ buf=NULL;
+ }
kfree(mdl);
- kfree(buf);
+ //makes accidental double free less possible
break;
}
--
2.43.0
--
::DISCLAIMER::
---------------------------------------------------------------------
The
contents of this e-mail and any attachment(s) are confidential and
intended
for the named recipient(s) only. Views or opinions, if any,
presented in
this email are solely those of the author and may not
necessarily reflect
the views or opinions of SSN Institutions (SSN) or its
affiliates. Any form
of reproduction, dissemination, copying, disclosure,
modification,
distribution and / or publication of this message without the
prior written
consent of authorized representative of SSN is strictly
prohibited. If you
have received this email in error please delete it and
notify the sender
immediately.
---------------------------------------------------------------------
Header of this mail should have a valid DKIM signature for the domain
ssn.edu.in <http://www.ssn.edu.in/>