[PATCH 1/1] drm/exynos: Fix freeing issues in exynos_drm_drv.c
Sachin Kamat
sachin.kamat at linaro.org
Wed Jan 15 19:31:45 PST 2014
Make 'file_priv' NULL upon freeing and add a check before dereferencing to avoid
the following errors:
drivers/gpu/drm/exynos/exynos_drm_drv.c:182 exynos_drm_open()
error: double free of 'file_priv'
drivers/gpu/drm/exynos/exynos_drm_drv.c:188 exynos_drm_open()
error: dereferencing freed memory 'file_priv'
Signed-off-by: Sachin Kamat <sachin.kamat at linaro.org>
---
drivers/gpu/drm/exynos/exynos_drm_drv.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/exynos/exynos_drm_drv.c b/drivers/gpu/drm/exynos/exynos_drm_drv.c
index 9d096a0..ee84a7b6 100644
--- a/drivers/gpu/drm/exynos/exynos_drm_drv.c
+++ b/drivers/gpu/drm/exynos/exynos_drm_drv.c
@@ -173,6 +173,7 @@ static int exynos_drm_open(struct drm_device *dev, struct drm_file *file)
ret = exynos_drm_subdrv_open(dev, file);
if (ret) {
kfree(file_priv);
+ file_priv = NULL;
file->driver_priv = NULL;
}
@@ -184,7 +185,8 @@ static int exynos_drm_open(struct drm_device *dev, struct drm_file *file)
}
anon_filp->f_mode = FMODE_READ | FMODE_WRITE;
- file_priv->anon_filp = anon_filp;
+ if (file_priv)
+ file_priv->anon_filp = anon_filp;
return ret;
}
--
1.7.9.5
More information about the dri-devel
mailing list