On 07/15/2016 11:28 AM, Dan Williams wrote:
acpi_evaluate_object() allocates memory. Free the buffer allocated
during acpi_nfit_add().
Dan, thanks for your fix.
Another one is the use-after-free issue in acpi_nfit_notify():
/* Evaluate _FIT */
status = acpi_evaluate_object(adev->handle, "_FIT", NULL, &buf);
...
acpi_desc->nfit =
(struct acpi_nfit_header *)obj->buffer.pointer;
...
kfree(buf.pointer);
_______________________________________________
Linux-nvdimm mailing list
Linux-nvdimm@lists.01.org
https://lists.01.org/mailman/listinfo/linux-nvdimm
