1. Patchew
  2. linux
  3. View series

[PATCH] Input: imx_sc_key - Fix memory corruption on unload

Dan Carpenter posted 1 patch 3 months, 1 week ago 
drivers/input/keyboard/imx_sc_key.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
[PATCH] Input: imx_sc_key - Fix memory corruption on unload
Posted by Dan Carpenter 3 months, 1 week ago 
This is supposed to be "priv" but we accidentally pass "&priv" which is
an address in the stack and so it will lead to memory corruption when
the imx_sc_key_action() function is called.  Remove the &.

Fixes: 768062fd1284 ("Input: imx_sc_key - use devm_add_action_or_reset() to handle all cleanups")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
---
 drivers/input/keyboard/imx_sc_key.c | 2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/drivers/input/keyboard/imx_sc_key.c b/drivers/input/keyboard/imx_sc_key.c
index d18839f1f4f6..b620cd310cdb 100644
--- a/drivers/input/keyboard/imx_sc_key.c
+++ b/drivers/input/keyboard/imx_sc_key.c
@@ -158,7 +158,7 @@ static int imx_sc_key_probe(struct platform_device *pdev)
 		return error;
 	}
 
-	error = devm_add_action_or_reset(&pdev->dev, imx_sc_key_action, &priv);
+	error = devm_add_action_or_reset(&pdev->dev, imx_sc_key_action, priv);
 	if (error)
 		return error;
 
-- 
2.51.0
Re: [PATCH] Input: imx_sc_key - Fix memory corruption on unload
Posted by Dmitry Torokhov 3 months ago 
On Sat, Nov 01, 2025 at 04:25:27PM +0300, Dan Carpenter wrote:
> This is supposed to be "priv" but we accidentally pass "&priv" which is
> an address in the stack and so it will lead to memory corruption when
> the imx_sc_key_action() function is called.  Remove the &.
> 
> Fixes: 768062fd1284 ("Input: imx_sc_key - use devm_add_action_or_reset() to handle all cleanups")
> Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>

Applied, thank you.

-- 
Dmitry
Re: [PATCH] Input: imx_sc_key - Fix memory corruption on unload
Posted by Peng Fan 3 months ago 
On Sat, Nov 01, 2025 at 04:25:27PM +0300, Dan Carpenter wrote:
>This is supposed to be "priv" but we accidentally pass "&priv" which is
>an address in the stack and so it will lead to memory corruption when
>the imx_sc_key_action() function is called.  Remove the &.
>
>Fixes: 768062fd1284 ("Input: imx_sc_key - use devm_add_action_or_reset() to handle all cleanups")
>Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>

Thanks for the fix.

Reviewed-by: Peng Fan <peng.fan@nxp.com>
Re: [PATCH] Input: imx_sc_key - Fix memory corruption on unload
Posted by Frank Li 3 months ago 
On Sat, Nov 01, 2025 at 04:25:27PM +0300, Dan Carpenter wrote:
> This is supposed to be "priv" but we accidentally pass "&priv" which is
> an address in the stack and so it will lead to memory corruption when
> the imx_sc_key_action() function is called.  Remove the &.
>
> Fixes: 768062fd1284 ("Input: imx_sc_key - use devm_add_action_or_reset() to handle all cleanups")
> Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>

Reviewed-by: Frank Li <Frank.Li@nxp.com>

> ---
>  drivers/input/keyboard/imx_sc_key.c | 2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/drivers/input/keyboard/imx_sc_key.c b/drivers/input/keyboard/imx_sc_key.c
> index d18839f1f4f6..b620cd310cdb 100644
> --- a/drivers/input/keyboard/imx_sc_key.c
> +++ b/drivers/input/keyboard/imx_sc_key.c
> @@ -158,7 +158,7 @@ static int imx_sc_key_probe(struct platform_device *pdev)
>  		return error;
>  	}
>
> -	error = devm_add_action_or_reset(&pdev->dev, imx_sc_key_action, &priv);
> +	error = devm_add_action_or_reset(&pdev->dev, imx_sc_key_action, priv);
>  	if (error)
>  		return error;
>
> --
> 2.51.0
>

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.