diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2021-02-22 00:57:08 +0300 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2021-02-22 00:57:08 +0300 |
commit | 66f73fb3facd42d0a7c899d7f4c712332b28499a (patch) | |
tree | d695ff291f52c686ddb0cec98ad5ccdcc99d02e0 /drivers/mtd | |
parent | 69e9b12a27a1b2d099e528928162428df4d6e93f (diff) | |
parent | 42119dbe571eb419dae99b81dd20fa42f47464e1 (diff) | |
download | linux-66f73fb3facd42d0a7c899d7f4c712332b28499a.tar.xz |
Merge tag 'for-linus-5.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/ubifs
Pull JFFS2/UBIFS and UBI updates from Richard Weinberger:
"JFFS2:
- Fix for use-after-free in jffs2_sum_write_data()
- Fix for out-of-bounds access in jffs2_zlib_compress()
UBI:
- Remove dead/useless code
UBIFS:
- Fix for a memory leak in ubifs_init_authentication()
- Fix for high stack usage
- Fix for a off-by-one error in xattrs code"
* tag 'for-linus-5.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/ubifs:
ubifs: Fix error return code in alloc_wbufs()
jffs2: check the validity of dstlen in jffs2_zlib_compress()
ubifs: Fix off-by-one error
ubifs: replay: Fix high stack usage, again
ubifs: Fix memleak in ubifs_init_authentication
jffs2: fix use after free in jffs2_sum_write_data()
ubi: eba: Delete useless kfree code
ubi: remove dead code in validate_vid_hdr()
Diffstat (limited to 'drivers/mtd')
-rw-r--r-- | drivers/mtd/ubi/eba.c | 1 | ||||
-rw-r--r-- | drivers/mtd/ubi/io.c | 7 |
2 files changed, 1 insertions, 7 deletions
diff --git a/drivers/mtd/ubi/eba.c b/drivers/mtd/ubi/eba.c index 892494c8cb7c..ccc5979642b7 100644 --- a/drivers/mtd/ubi/eba.c +++ b/drivers/mtd/ubi/eba.c @@ -142,7 +142,6 @@ struct ubi_eba_table *ubi_eba_create_table(struct ubi_volume *vol, return tbl; err: - kfree(tbl->entries); kfree(tbl); return ERR_PTR(err); diff --git a/drivers/mtd/ubi/io.c b/drivers/mtd/ubi/io.c index 2f3312c31e51..8a7306cc1947 100644 --- a/drivers/mtd/ubi/io.c +++ b/drivers/mtd/ubi/io.c @@ -913,12 +913,7 @@ static int validate_vid_hdr(const struct ubi_device *ubi, ubi_err(ubi, "bad data_size"); goto bad; } - } else if (lnum == used_ebs - 1) { - if (data_size == 0) { - ubi_err(ubi, "bad data_size at last LEB"); - goto bad; - } - } else { + } else if (lnum > used_ebs - 1) { ubi_err(ubi, "too high lnum"); goto bad; } |