summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobertus Diawan Chris <robertusdchris@gmail.com>2026-05-19 05:05:28 +0300
committerJens Wiklander <jens.wiklander@linaro.org>2026-05-20 10:22:52 +0300
commit471c18323dfdfe7844e193b896a9267ae23a1026 (patch)
tree8843c6ae399152dea7b89cf4219037f4677dc9a4
parent028ef9c96e96197026887c0f092424679298aae8 (diff)
downloadlinux-471c18323dfdfe7844e193b896a9267ae23a1026.tar.xz
tee: qcomtee: add missing va_end in early return qcomtee_object_user_init()
qcomtee_object_user_init() is a variadic function and when the function return because there's no dispatch callback in QCOMTEE_OBJECT_TYPE_CB case, there's no va_end to cleanup "ap" object initialized by va_start and that can cause undefined behavior. So make sure to use va_end before returning the error code when there's no dispatch callback. This is reported by Coverity Scan as "Missing varargs init or cleanup". Fixes: d6e290837e50 ("tee: add Qualcomm TEE driver") Signed-off-by: Robertus Diawan Chris <robertusdchris@gmail.com> Reviewed-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
-rw-r--r--drivers/tee/qcomtee/core.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/drivers/tee/qcomtee/core.c b/drivers/tee/qcomtee/core.c
index b1cb50e434f0..60fe3b5776e3 100644
--- a/drivers/tee/qcomtee/core.c
+++ b/drivers/tee/qcomtee/core.c
@@ -306,8 +306,10 @@ int qcomtee_object_user_init(struct qcomtee_object *object,
break;
case QCOMTEE_OBJECT_TYPE_CB:
object->ops = ops;
- if (!object->ops->dispatch)
- return -EINVAL;
+ if (!object->ops->dispatch) {
+ ret = -EINVAL;
+ break;
+ }
/* If failed, "no-name". */
object->name = kvasprintf_const(GFP_KERNEL, fmt, ap);