fix for a memory leak in an error case introduced by fix for double free
Oliver Neukum [Sat, 26 Jul 2008 20:42:42 +0000 (22:42 +0200)]
The fix NULLed a pointer without freeing it.

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Reported-by: Juha Motorsportcom <juha_motorsportcom@luukku.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

drivers/usb/serial/ipaq.c

index 832a5a4..cd9a2e1 100644 (file)
@@ -651,15 +651,17 @@ static int ipaq_open(struct tty_struct *tty,
         */
 
        kfree(port->bulk_in_buffer);
+       kfree(port->bulk_out_buffer);
+       /* make sure the generic serial code knows */
+       port->bulk_out_buffer = NULL;
+
        port->bulk_in_buffer = kmalloc(URBDATA_SIZE, GFP_KERNEL);
-       if (port->bulk_in_buffer == NULL) {
-               port->bulk_out_buffer = NULL; /* prevent double free */
+       if (port->bulk_in_buffer == NULL)
                goto enomem;
-       }
 
-       kfree(port->bulk_out_buffer);
        port->bulk_out_buffer = kmalloc(URBDATA_SIZE, GFP_KERNEL);
        if (port->bulk_out_buffer == NULL) {
+               /* the buffer is useless, free it */
                kfree(port->bulk_in_buffer);
                port->bulk_in_buffer = NULL;
                goto enomem;