ACK: [FOCAL][CVE-2019-19054][PATCH] media: rc: prevent memory leak in cx23888_ir_probe
Colin Ian King
colin.king at canonical.com
Wed Aug 12 18:00:25 UTC 2020
On 12/08/2020 18:51, William Breathitt Gray wrote:
> From: Navid Emamdoost <navid.emamdoost at gmail.com>
>
> In cx23888_ir_probe if kfifo_alloc fails the allocated memory for state
> should be released.
>
> Signed-off-by: Navid Emamdoost <navid.emamdoost at gmail.com>
> Signed-off-by: Sean Young <sean at mess.org>
> Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung at kernel.org>
>
> CVE-2019-19054
>
> (cherry picked from a7b2df76b42bdd026e3106cf2ba97db41345a177)
> Signed-off-by: William Breathitt Gray <william.gray at canonical.com>
> ---
> drivers/media/pci/cx23885/cx23888-ir.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/media/pci/cx23885/cx23888-ir.c b/drivers/media/pci/cx23885/cx23888-ir.c
> index e880afe37f15..d59ca3601785 100644
> --- a/drivers/media/pci/cx23885/cx23888-ir.c
> +++ b/drivers/media/pci/cx23885/cx23888-ir.c
> @@ -1167,8 +1167,11 @@ int cx23888_ir_probe(struct cx23885_dev *dev)
> return -ENOMEM;
>
> spin_lock_init(&state->rx_kfifo_lock);
> - if (kfifo_alloc(&state->rx_kfifo, CX23888_IR_RX_KFIFO_SIZE, GFP_KERNEL))
> + if (kfifo_alloc(&state->rx_kfifo, CX23888_IR_RX_KFIFO_SIZE,
> + GFP_KERNEL)) {
> + kfree(state);
> return -ENOMEM;
> + }
>
> state->dev = dev;
> sd = &state->sd;
>
Thanks, looks sane to me
Acked-by: Colin Ian King <colin.king at canonical.com>
More information about the kernel-team
mailing list