Thread (4 messages) 4 messages, 3 authors, 2021-01-11

RE: [PATCH] usb: cdnsp: fix error handling in cdnsp_mem_init()

From: Pawel Laszczak <pawell@cadence.com>
Date: 2021-01-11 06:50:15 

On Fri, Dec 11, 2020 at 10:50:53AM +0100, Pawel Laszczak wrote:
quoted
This function uses "One Function Cleans up Everything" style and that's
basically impossible to do correctly. It's cleaner to write it with
"clean up the most recent allocation".

Patch fixes two isues:
1. If pdev->dcbaa = dma_alloc_coherent() fails then that leads to a NULL
   dereference inside the cdnsp_free_priv_device() function.
2. if cdnsp_alloc_priv_device() fails that leads to a double free because
   we free pdev->out_ctx.bytes in several places.

Signed-off-by: Dan Carpenter <redacted>
Signed-off-by: Pawel Laszczak <pawell@cadence.com>
Reported-by: Dan Carpenter <redacted>
Tested-by: Pawel Laszczak <pawell@cadence.com>
---
 drivers/usb/cdns3/cdnsp-mem.c | 36 +++++++++++++++++++++++------------
 1 file changed, 24 insertions(+), 12 deletions(-)
This file isn't in 5.11-rc1 :(
Hi Greg,

Sorry for the long delay. I had holiday.

All CDNS3 and CDNSP patches should be added to Peter Chan tree,
so I based on his tree.

Regards,
Pawel
  



    
  

  
    

      

        Keyboard shortcuts
      

      

        
          
hback out one level

          
jnext message in thread

          
kprevious message in thread

          
ldrill in

          
Escclose help / fold thread tree

          
?toggle this help