authorHardik Arya <harya@codeaurora.org>2018-11-23 10:41:41 +0530
committerGerrit - the friendly Code Review server <code-review@localhost>2019-01-09 07:51:26 -0800
commit44ffa80a5e3453a0c154e7818d0f0c87dca0e620 (patch)
treeac04a79d4cd7752c5811f2bc78c80eb878814c00
parent5c0b6a0c9a3ef1995c89c329a39fcced60a0bb04 (diff)
diag: Mark Buffer as NULL after freeingLE.UM.2.3.2-05100-SDX24
There is a possibility of use-after-free and double free because the buffer is not marked as NULL after it is freed. The patch marks the buffer as NULL after freeing it in the error case. Change-Id: Iacf8f8a4a4e644f48c87d5445ccd594766f2e156 Signed-off-by: Hardik Arya <harya@codeaurora.org>
-rw-r--r--drivers/char/diag/diag_masks.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/drivers/char/diag/diag_masks.c b/drivers/char/diag/diag_masks.c
index 7be5a06f7f82..395209473a3b 100644
--- a/drivers/char/diag/diag_masks.c
+++ b/drivers/char/diag/diag_masks.c
@@ -1772,6 +1772,7 @@ static int __diag_mask_init(struct diag_mask_info *mask_info, int mask_len,
mask_info->update_buf = kzalloc(update_buf_len, GFP_KERNEL);
if (!mask_info->update_buf) {
kfree(mask_info->ptr);
+ mask_info->ptr = NULL;
return -ENOMEM;
}
kmemleak_not_leak(mask_info->update_buf);
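Review bot: Clearing `mask_info->ptr` in the `!mask_info->update_buf` branch stops a later cleanup from freeing it twice, but any length or status already recorded for that buffer is left as it was. The start of `__diag_mask_init` is outside the hunk, so this is inferred: if a length is stored before the allocation, a reader that trusts the length rather than the pointer would now dereference NULL, and that field should be zeroed in the same branch. Callers should also be checked to confirm they test `ptr` before use after an `-ENOMEM` return. A short why-comment above the new line would help, e.g. `/* clear the stale pointer so later teardown cannot free it again */`.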