lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20251110072349.102169-1-wangdich9700@163.com>
Date: Mon, 10 Nov 2025 15:23:49 +0800
From: wangdich9700@....com
To: lgirdwood@...il.com,
	broonie@...nel.org,
	perex@...ex.cz,
	tiwai@...e.com,
	cezary.rojewski@...el.com
Cc: linux-kernel@...r.kernel.org,
	linux-sound@...r.kernel.org,
	linux-arm-kernel@...ts.infradead.org,
	wangdicheng <wangdicheng@...inos.cn>
Subject: [PATCH] ALSA: hda/realtek: Fix resource cleanup in alc_alloc_spec error path

From: wangdicheng <wangdicheng@...inos.cn>

Ensure proper resource cleanup when alc_codec_rename_from_preset() fails
in alc_alloc_spec(). Currently, the error path only calls kfree(spec) but
does not:

1. Destroy the initialized coef_mutex mutex
2. Reset codec->spec to NULL, potentially leaving a dangling pointer

Signed-off-by: wangdicheng <wangdicheng@...inos.cn>
---
 sound/hda/codecs/realtek/realtek.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/sound/hda/codecs/realtek/realtek.c b/sound/hda/codecs/realtek/realtek.c
index ca377a5adadb..9a358c072e50 100644
--- a/sound/hda/codecs/realtek/realtek.c
+++ b/sound/hda/codecs/realtek/realtek.c
@@ -1029,6 +1029,7 @@ int alc_alloc_spec(struct hda_codec *codec, hda_nid_t mixer_nid)
 {
 	struct alc_spec *spec = kzalloc(sizeof(*spec), GFP_KERNEL);
 	int err;
+	bool mutex_initialized = false;
 
 	if (!spec)
 		return -ENOMEM;
@@ -1040,14 +1041,22 @@ int alc_alloc_spec(struct hda_codec *codec, hda_nid_t mixer_nid)
 	/* FIXME: do we need this for all Realtek codec models? */
 	codec->spdif_status_reset = 1;
 	codec->forced_resume = 1;
+
 	mutex_init(&spec->coef_mutex);
 
 	err = alc_codec_rename_from_preset(codec);
 	if (err < 0) {
-		kfree(spec);
-		return err;
+		codec_err(codec, "Failed to rename codec: %d\n", err);
+		goto error;
 	}
 	return 0;
+
+error:
+	if (mutex_initialized)
+		mutex_destroy(&spec->coef_mutex);
+	codec->spec = NULL;
+	kfree(spec);
+	return err;
 }
 EXPORT_SYMBOL_NS_GPL(alc_alloc_spec, "SND_HDA_CODEC_REALTEK");
 
-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ