From f35691062a138484b51bf53b36ae8a4495d8fb91 Mon Sep 17 00:00:00 2001 From: Julia Lawall Date: Wed, 27 Oct 2010 15:33:28 -0700 Subject: [PATCH] drivers/video/gbefb.c: eliminate memory leak This code is preceded by a call to framebuffer_alloc, which allocates memory, so this memory should be freed before leaving the function in an error case. out_release_framebuffer just frees the frame buffer and returns. A simplified version of the semantic match that finds this problem is: (http://coccinelle.lip6.fr/) // @r exists@ local idexpression x; expression E; identifier f1; iterator I; @@ x = framebuffer_alloc(...); <... when != x when != true (x == NULL || ...) when != if (...) { <+...x...+> } when != I (...) { <+...x...+> } ( x == NULL | x == E | x->f1 ) ...> * return ...; // Signed-off-by: Julia Lawall Cc: Ralf Baechle Cc: Arnaud Patard Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- drivers/video/gbefb.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/video/gbefb.c b/drivers/video/gbefb.c index ca3355e430bf..933899dca33a 100644 --- a/drivers/video/gbefb.c +++ b/drivers/video/gbefb.c @@ -1143,8 +1143,10 @@ static int __devinit gbefb_probe(struct platform_device *p_dev) return -ENOMEM; #ifndef MODULE - if (fb_get_options("gbefb", &options)) - return -ENODEV; + if (fb_get_options("gbefb", &options)) { + ret = -ENODEV; + goto out_release_framebuffer; + } gbefb_setup(options); #endif -- 2.20.1