[PATCH 1/2] mtd: nandsim: fix free of NULL pointer
Richard Weinberger
richard at nod.at
Wed Jun 17 02:05:30 PDT 2015
Am 17.06.2015 um 11:03 schrieb Sheng Yong:
>
>
> On 6/17/2015 4:48 PM, Richard Weinberger wrote:
>> Am 17.06.2015 um 10:45 schrieb Sheng Yong:
>>> If allocating ns->nand_pages_slab fails, do not try to destroy it when
>>> cleaning up nandsim resources.
>>>
>>> Signed-off-by: Sheng Yong <shengyong1 at huawei.com>
>>> ---
>>> drivers/mtd/nand/nandsim.c | 3 ++-
>>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/drivers/mtd/nand/nandsim.c b/drivers/mtd/nand/nandsim.c
>>> index cb38f3d..33e4064 100644
>>> --- a/drivers/mtd/nand/nandsim.c
>>> +++ b/drivers/mtd/nand/nandsim.c
>>> @@ -646,7 +646,8 @@ static void free_device(struct nandsim *ns)
>>> kmem_cache_free(ns->nand_pages_slab,
>>> ns->pages[i].byte);
>>> }
>>> - kmem_cache_destroy(ns->nand_pages_slab);
>>> + if (ns->nand_pages_slab)
>>> + kmem_cache_destroy(ns->nand_pages_slab);
>>
>> It is perfectly fine to free a NULL pointer.
> OK, then maybe the double free is not a serious problem, besides we just
> get a message "Trying to vfree() nonexistent vm area" or the like. But
> kmem_cache_destroy() will access ns->nand_pages_slab, and ns->nand_pages_slab
> is NULL. This will crash the kernel. :)
Please see my other may, I was wrong. :)
Thanks,
//richard
More information about the linux-mtd
mailing list