[Nouveau] [PATCH] drm/nouveau/led: prevent a possible use-after-free

[Martin Peres]

If the led class registration fails, we free drm->led but do not reset
it to NULL, which means that the suspend/resume/fini function will act
as if everything went well in init() and will likely crash the kernel.

This patch adds the missing drm->led = NULL.

Reported-by: Emmanuel Pescosta <emmanuelpescosta099 at gmail.com>
Signed-off-by: Martin Peres <martin.peres at free.fr>
---

Ben, I do not have a 4.10 kernel available to at least test-compile the
patch. Could you make sure it works before applying it? After all the
trouble we got from the LED before, I don't want to add another one!

 drm/nouveau/nouveau_led.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drm/nouveau/nouveau_led.c b/drm/nouveau/nouveau_led.c
index 72456b16..2c5e0628 100644
--- a/drm/nouveau/nouveau_led.c
+++ b/drm/nouveau/nouveau_led.c
@@ -102,6 +102,7 @@ nouveau_led_init(struct drm_device *dev)
 	ret = led_classdev_register(dev->dev, &drm->led->led);
 	if (ret) {
 		kfree(drm->led);
+		drm->led = NULL;
 		return ret;
 	}
 
-- 
2.11.0