On Sun, 11 Aug 2024 22:23:36 +0200, Ivan Orlov wrote:
+static int snd_utimer_ioctl_create(struct file *file,
struct snd_timer_uinfo __user *_utimer_info)
+{
- struct snd_utimer *utimer;
- struct snd_timer_uinfo *utimer_info __free(kfree) = NULL;
- int err;
- utimer_info = memdup_user(_utimer_info, sizeof(*utimer_info));
- if (IS_ERR(utimer_info))
return PTR_ERR(no_free_ptr(utimer_info));
- err = snd_utimer_create(utimer_info, &utimer);
- if (err < 0)
return err;
- utimer_info->id = utimer->id;
- err = copy_to_user(_utimer_info, utimer_info, sizeof(*utimer_info));
- if (err) {
snd_utimer_free(utimer);
return -EFAULT;
- }
- return anon_inode_getfd(utimer->name, &snd_utimer_fops, utimer, O_RDWR | O_CLOEXEC);
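Review bot: `utimer_info` is declared with `__free(kfree)` and initialised to NULL, then assigned from memdup_user() a few lines later. The guidance in include/linux/cleanup.h is to define and assign a `__free()` variable in one statement, e.g. `struct snd_timer_uinfo *utimer_info __free(kfree) = memdup_user(_utimer_info, sizeof(*utimer_info));`. Separately, copy_to_user() returns the number of bytes left uncopied rather than an errno, so storing it in `int err` mixes two conventions; `if (copy_to_user(_utimer_info, utimer_info, sizeof(*utimer_info))) {` keeps `err` for errno values only. The `file` parameter is not used in the lines quoted here, and the function's closing brace lies outside the quoted text.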
Wouldn't utimer be left unfreed if anon_inode_getfd() returns an error?
thanks,
Takashi