Hi,
On Sat, Jun 26, 2021 at 01:33:23AM +0300, Pavel Skripkin wrote:
> In case of allocation failures, all code paths was jumping
> to this code:
>
> err:
> kfree(fbi);
> kfree(var);
> kfree(fbops);
>
> return r;
>
> Since all 3 pointers placed on stack and don't initialized, they
> will be filled with some random values, which leads to
> deferencing random pointers in kfree(). Fix it by rewriting
> error handling path.
They are initialized before the first goto:
[...]
fbi = NULL;
var = NULL;
fbops = NULL;
fbi = kzalloc(sizeof(*fbi), GFP_KERNEL);
if (fbi == NULL) {
r = -ENOMEM;
goto err;
}
[...]
A.
