mirror of
https://git.proxmox.com/git/mirror_ubuntu-kernels.git
synced 2026-01-12 08:18:04 +00:00
7a6278e5e4
The function framebuffer_release just calls kfree, so calling kfree subsequently on the same argument represents a double free. The comments with the definition of framebuffer_release in drivers/video/fbsysfs.c suggest that a more elaborate definition of this function is planned, such that the splitting up of framebuffer_release and kfree as done in the second instance might someday make sense, but it does not make sense now. This was found using the following semantic match. (http://www.emn.fr/x-info/coccinelle/) // <smpl> @@ expression E; @@ * kfree(E); ... * framebuffer_release(E); @@ expression E; @@ * framebuffer_release(E); ... * kfree(E); // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Cc: Vitaly Wool <vitalywool@gmail.com> Cc: Krzysztof Helt <krzysztof.h1@wp.pl> Cc: Grigory Tolstolytkin <gtolstolytkin@ru.mvista.com> Cc: Antonino Daplas <adaplas@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|---|---|---|
| .. | ||
| dum.h | ||
| fbcommon.h | ||
| Makefile | ||
| pnxrgbfb.c | ||
| sdum.c | ||
| sdum.h | ||