Hi,
Fix possible null pointer kfree.
Signed-off-by: dave young <[EMAIL PROTECTED]>
mixer_oss.c |120 +-
1 file changed, 74 insertions(+), 46 deletions(-)
diff -purN linux/sound/core/oss/mixer_oss.c linux.new/sound/core/oss/mixer_oss.c
--- linux/sound/core/oss/mixer_oss.c2007-06-01 09:00:12.0 +
+++ linux.new/sound/core/oss/mixer_oss.c2007-06-01 09:36:10.0
+
@@ -512,23 +512,27 @@ static void snd_mixer_oss_get_volume1_vo
return;
}
uinfo = kzalloc(sizeof(*uinfo), GFP_KERNEL);
+ if (uinfo == NULL)
+ goto out_uinfo;
uctl = kzalloc(sizeof(*uctl), GFP_KERNEL);
- if (uinfo == NULL || uctl == NULL)
- goto __unalloc;
+ if (uctl == NULL)
+ goto out_uctl;
if (kctl->info(kctl, uinfo))
- goto __unalloc;
+ goto out;
if (kctl->get(kctl, uctl))
- goto __unalloc;
+ goto out;
if (uinfo->type == SNDRV_CTL_ELEM_TYPE_BOOLEAN &&
uinfo->value.integer.min == 0 && uinfo->value.integer.max == 1)
- goto __unalloc;
+ goto out;
*left = snd_mixer_oss_conv1(uctl->value.integer.value[0],
uinfo->value.integer.min, uinfo->value.integer.max,
&pslot->volume[0]);
if (uinfo->count > 1)
*right = snd_mixer_oss_conv1(uctl->value.integer.value[1],
uinfo->value.integer.min, uinfo->value.integer.max,
&pslot->volume[1]);
- __unalloc:
+out:
+ kfree(uctl);
+out_uctl:
+ kfree(uinfo);
+out_uinfo:
up_read(&card->controls_rwsem);
- kfree(uctl);
- kfree(uinfo);
}
static void snd_mixer_oss_get_volume1_sw(struct snd_mixer_oss_file *fmixer,
@@ -550,13 +554,15 @@ static void snd_mixer_oss_get_volume1_sw
return;
}
uinfo = kzalloc(sizeof(*uinfo), GFP_KERNEL);
+ if (uinfo == NULL)
+ goto out_uinfo;
uctl = kzalloc(sizeof(*uctl), GFP_KERNEL);
- if (uinfo == NULL || uctl == NULL)
- goto __unalloc;
+ if (uctl == NULL)
+ goto out_uctl;
if (kctl->info(kctl, uinfo))
- goto __unalloc;
+ goto out;
if (kctl->get(kctl, uctl))
- goto __unalloc;
+ goto out;
if (!uctl->value.integer.value[0]) {
*left = 0;
if (uinfo->count == 1)
@@ -564,10 +570,12 @@ static void snd_mixer_oss_get_volume1_sw
}
if (uinfo->count > 1 && !uctl->value.integer.value[route ? 3 : 1])
*right = 0;
- __unalloc:
- up_read(&card->controls_rwsem);
- kfree(uctl);
+out:
+ kfree(uctl);
+out_uctl:
kfree(uinfo);
+out_uinfo:
+ up_read(&card->controls_rwsem);
}
static int snd_mixer_oss_get_volume1(struct snd_mixer_oss_file *fmixer,
@@ -613,25 +621,29 @@ static void snd_mixer_oss_put_volume1_vo
if ((kctl = snd_ctl_find_numid(card, numid)) == NULL)
return;
uinfo = kzalloc(sizeof(*uinfo), GFP_KERNEL);
+ if (uinfo == NULL)
+ goto out_uinfo;
uctl = kzalloc(sizeof(*uctl), GFP_KERNEL);
- if (uinfo == NULL || uctl == NULL)
- goto __unalloc;
+ if (uctl == NULL)
+ goto out_uctl;
if (kctl->info(kctl, uinfo))
- goto __unalloc;
+ goto out;
if (uinfo->type == SNDRV_CTL_ELEM_TYPE_BOOLEAN &&
uinfo->value.integer.min == 0 && uinfo->value.integer.max == 1)
- goto __unalloc;
+ goto out;
uctl->value.integer.value[0] = snd_mixer_oss_conv2(left,
uinfo->value.integer.min, uinfo->value.integer.max);
if (uinfo->count > 1)
uctl->value.integer.value[1] = snd_mixer_oss_conv2(right,
uinfo->value.integer.min, uinfo->value.integer.max);
if ((res = kctl->put(kctl, uctl)) < 0)
- goto __unalloc;
+ goto out;
if (res > 0)
snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_VALUE, &kctl->id);
- __unalloc:
- up_read(&card->controls_rwsem);
- kfree(uctl);
+out:
+ kfree(uctl);
+out_uctl:
kfree(uinfo);
+out_uinfo:
+ up_read(&card->controls_rwsem);
}
static void snd_mixer_oss_put_volume1_sw(struct snd_mixer_oss_file *fmixer,
@@ -654,11 +666,13 @@ static void snd_mixer_oss_put_volume1_sw
return;
}
uinfo = kzalloc(sizeof(*uinfo), GFP_KERNEL);
+ if (uinfo == NULL)
+ goto out_uinfo;
uctl = kzalloc(sizeof(*uctl), GFP_KERNEL);
- if (uinfo == NULL || uctl == NULL)
- goto __unalloc;
+ if (uctl == NULL)
+ goto out_uctl;
if (kctl->info(kctl, uinfo))
- goto __unalloc;
+ goto out;
if (uinfo->count > 1) {
uctl->value.integer.value[0] = left > 0 ? 1 : 0;
uctl->value.integer.value[route ? 3 : 1] = ri