V4L/DVB: stv0900: dereference of state->internal in fe_stv0900_error stv0900_init_int...
Roel Kluin [Sat, 29 Aug 2009 18:31:49 +0000 (15:31 -0300)]
state->internal allocation may fail as well as the allocation of
stv0900_first_inode or new_node->next_inode in append_internal().

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>

drivers/media/dvb/frontends/stv0900_core.c

index 74791d5..e5791b2 100644 (file)
@@ -1384,7 +1384,14 @@ static enum fe_stv0900_error stv0900_init_internal(struct dvb_frontend *fe,
        } else {
                state->internal = kmalloc(sizeof(struct stv0900_internal),
                                                                GFP_KERNEL);
+               if (state->internal == NULL)
+                       return STV0900_INVALID_HANDLE;
                temp_int = append_internal(state->internal);
+               if (temp_int == NULL) {
+                       kfree(state->internal);
+                       state->internal = NULL;
+                       return STV0900_INVALID_HANDLE;
+               }
                state->internal->dmds_used = 1;
                state->internal->i2c_adap = state->i2c_adap;
                state->internal->i2c_addr = state->config->demod_address;