[PATCH 1/2] mtd: nandsim: fix free of NULL pointer
Sheng Yong
shengyong1 at huawei.com
Wed Jun 17 02:03:37 PDT 2015
On 6/17/2015 4:48 PM, Richard Weinberger wrote:
> Am 17.06.2015 um 10:45 schrieb Sheng Yong:
>> If allocating ns->nand_pages_slab fails, do not try to destroy it when
>> cleaning up nandsim resources.
>>
>> Signed-off-by: Sheng Yong <shengyong1 at huawei.com>
>> ---
>> drivers/mtd/nand/nandsim.c | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/mtd/nand/nandsim.c b/drivers/mtd/nand/nandsim.c
>> index cb38f3d..33e4064 100644
>> --- a/drivers/mtd/nand/nandsim.c
>> +++ b/drivers/mtd/nand/nandsim.c
>> @@ -646,7 +646,8 @@ static void free_device(struct nandsim *ns)
>> kmem_cache_free(ns->nand_pages_slab,
>> ns->pages[i].byte);
>> }
>> - kmem_cache_destroy(ns->nand_pages_slab);
>> + if (ns->nand_pages_slab)
>> + kmem_cache_destroy(ns->nand_pages_slab);
>
> It is perfectly fine to free a NULL pointer.
OK, then maybe the double free is not a serious problem, besides we just
get a message "Trying to vfree() nonexistent vm area" or the like. But
kmem_cache_destroy() will access ns->nand_pages_slab, and ns->nand_pages_slab
is NULL. This will crash the kernel. :)
thanks,
Sheng
>
> Thanks,
> //richard
>
> .
>
More information about the linux-mtd
mailing list