WSL2-Linux-Kernel/drivers/staging
Ian Abbott af4b54a2e5 staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf
`ni6501_alloc_usb_buffers()` is called from `ni6501_auto_attach()` to
allocate RX and TX buffers for USB transfers.  It allocates
`devpriv->usb_rx_buf` followed by `devpriv->usb_tx_buf`.  If the
allocation of `devpriv->usb_tx_buf` fails, it frees
`devpriv->usb_rx_buf`, leaving the pointer set dangling, and returns an
error.  Later, `ni6501_detach()` will be called from the core comedi
module code to clean up.  `ni6501_detach()` also frees both
`devpriv->usb_rx_buf` and `devpriv->usb_tx_buf`, but
`devpriv->usb_rx_buf` may have already beed freed, leading to a
double-free error.  Fix it bu removing the call to
`kfree(devpriv->usb_rx_buf)` from `ni6501_alloc_usb_buffers()`, relying
on `ni6501_detach()` to free the memory.

Signed-off-by: Ian Abbott <abbotti@mev.co.uk>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-04-17 11:59:24 +02:00
..
android staging: android: ashmem: Avoid range_alloc() allocation with ashmem_mutex held. 2019-02-26 11:50:17 +01:00
axis-fifo staging: axis-fifo: add CONFIG_OF dependency 2019-03-18 07:57:58 +01:00
board
clocking-wizard staging: clocking-wizard: match parenthesis indentation 2018-10-09 14:57:33 +02:00
comedi staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf 2019-04-17 11:59:24 +02:00
emxx_udc Staging: emxx_udc: Switch to the gpio descriptor interface 2019-01-15 16:25:58 +01:00
erofs staging: erofs: fix unexpected out-of-bound data access 2019-04-16 13:56:20 +02:00
fbtft Staging: fbtft: Fix line over 80 characters 2019-02-26 11:40:07 +01:00
fsl-dpaa2 Staging/IIO patches for 5.1-rc1 2019-03-06 16:29:27 -08:00
fwserial Staging: fwserial: Add blank line after declarations 2019-02-26 11:40:08 +01:00
gasket staging: gasket: interrupt: remove unused including <linux/version.h> 2019-01-22 11:32:36 +01:00
gdm724x
goldfish staging: goldfish: remove GPL boiler plate text 2019-01-15 16:08:04 +01:00
greybus Staging: greybus: Alignment should match open parenthesis 2019-02-26 11:46:51 +01:00
gs_fpgaboot staging: gs_fpgaboot: cleanup alignment issue - style 2019-01-15 16:08:05 +01:00
iio staging: iio: ad7192: Fix ad7193 channel address 2019-03-09 16:55:06 +00:00
ks7010 Staging: ks7010: Replace typecast to int 2019-03-01 09:05:01 +01:00
media media updates for v5.1-rc1 2019-03-09 14:45:54 -08:00
most staging: most: core: use device description as name 2019-04-02 20:23:07 +02:00
mt7621-dma staging: mt7621-dma: remove license boilerplate text 2019-03-03 09:25:42 +01:00
mt7621-dts staging: mt7621-dts: update ethernet settings. 2019-03-18 07:55:55 +01:00
mt7621-mmc staging: mt7621-mmc: Prefer using BIT macro 2019-02-19 11:18:00 +01:00
mt7621-pci staging, mt7621-pci: fix build without pci support 2019-03-18 07:59:04 +01:00
mt7621-pci-phy staging: mt7621-pci-phy: use 'module_init' instead of 'arch_initcall' 2019-02-19 11:12:08 +01:00
mt7621-pinctrl staging: mt7621-pinctrl: Test devm_kzalloc for failure while improving the code 2019-01-30 15:38:50 +01:00
mt7621-spi staging: mt7621-spi: Clean up comparison to NULL 2019-02-04 12:34:37 +01:00
netlogic staging: netlogic: Remove boilerplate license text 2019-02-26 11:40:07 +01:00
nvec
octeon staging: octeon-ethernet: fix incorrect PHY mode 2019-03-26 05:54:18 +09:00
octeon-usb staging: octeon-usb: fix misspelled "re-enable" 2019-02-21 10:58:11 +01:00
olpc_dcon staging: olpc_dcon_xo_1: add missing 'const' qualifier 2019-03-18 07:57:58 +01:00
pi433 staging: pi433: add missing call to cdev_del() 2018-12-05 09:39:45 +01:00
ralink-gdma staging: Move ralink-gdma to its own directory 2019-01-15 16:28:02 +01:00
rtl8188eu staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc 2019-03-21 08:32:57 +01:00
rtl8192e staging: rtl8192e: Fix space and suspect issue 2019-02-28 19:14:53 +01:00
rtl8192u staging: rtl8192u: remove redundant nul check on pointer dev 2019-02-07 13:33:54 +01:00
rtl8712 staging: rtl8712: uninitialized memory in read_bbreg_hdl() 2019-03-21 08:32:57 +01:00
rtl8723bs staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc 2019-03-21 08:32:57 +01:00
rtlwifi staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc 2019-03-21 08:32:58 +01:00
rts5208 Staging: rts5208: Fix error handling on rtsx_send_cmd 2019-01-07 11:28:15 +01:00
sm750fb staging: sm750fb: Rename setDisplayControl to set_display_control - style 2019-02-07 13:33:54 +01:00
speakup staging: speakup_soft: Fix alternate speech with other synths 2019-03-18 07:57:58 +01:00
unisys staging: visornic: use skb_put_zero() instead of open-coded version 2019-02-19 15:35:25 +01:00
vboxvideo staging/vboxvideo: prepare for drmP.h removal from drm_modeset_helper.h 2019-02-07 21:47:29 +01:00
vc04_services staging: vc04_services: Fix an error code in vchiq_probe() 2019-03-26 05:54:18 +09:00
vme
vt6655 staging: vt6655: Remove vif check from vnt_interrupt 2019-03-29 17:25:45 +01:00
vt6656 staging: vt6656: key: Mark expected switch fall-throughs 2019-02-19 11:14:14 +01:00
wilc1000 staging: wilc1000: fix incorrent type in initializer 2019-02-28 08:45:28 +01:00
wlan-ng staging: wlan-ng: formatting change in cfg80211.c 2019-02-08 10:31:14 +01:00
Kconfig staging: remove mt7621-eth 2019-03-18 07:55:55 +01:00
Makefile staging: remove mt7621-eth 2019-03-18 07:55:55 +01:00