| Message ID | 20221220045930.1106921-1-linmq006@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Delegated to: | Krzysztof WilczyĆski |
| Headers | show |
| Series | PCI: endpoint: Fix potential double free in __pci_epc_create | expand |
On Tue, Dec 20, 2022 at 08:59:29AM +0400, Miaoqian Lin wrote: > When all references are dropped, callback function pci_epc_release() > for put_device() already call kfree(epc) to release memory. > Remove abundant kfree to fix double free. > > Fixes: 7711cbb4862a ("PCI: endpoint: Fix WARN() when an endpoint driver is removed") > Signed-off-by: Miaoqian Lin <linmq006@gmail.com> Reviewed-by: Manivannan Sadhasivam <mani@kernel.org> - Mani > --- > drivers/pci/endpoint/pci-epc-core.c | 2 -- > 1 file changed, 2 deletions(-) > > diff --git a/drivers/pci/endpoint/pci-epc-core.c b/drivers/pci/endpoint/pci-epc-core.c > index 2542196e8c3d..7dc640c99d9a 100644 > --- a/drivers/pci/endpoint/pci-epc-core.c > +++ b/drivers/pci/endpoint/pci-epc-core.c > @@ -800,8 +800,6 @@ __pci_epc_create(struct device *dev, const struct pci_epc_ops *ops, > > put_dev: > put_device(&epc->dev); > - kfree(epc); > - > err_ret: > return ERR_PTR(ret); > } > -- > 2.25.1 >
diff --git a/drivers/pci/endpoint/pci-epc-core.c b/drivers/pci/endpoint/pci-epc-core.c index 2542196e8c3d..7dc640c99d9a 100644 --- a/drivers/pci/endpoint/pci-epc-core.c +++ b/drivers/pci/endpoint/pci-epc-core.c @@ -800,8 +800,6 @@ __pci_epc_create(struct device *dev, const struct pci_epc_ops *ops, put_dev: put_device(&epc->dev); - kfree(epc); - err_ret: return ERR_PTR(ret); }
When all references are dropped, callback function pci_epc_release() for put_device() already call kfree(epc) to release memory. Remove abundant kfree to fix double free. Fixes: 7711cbb4862a ("PCI: endpoint: Fix WARN() when an endpoint driver is removed") Signed-off-by: Miaoqian Lin <linmq006@gmail.com> --- drivers/pci/endpoint/pci-epc-core.c | 2 -- 1 file changed, 2 deletions(-)