The cpu_dai variable is still being used after the of_node_put() call,
Such an implementation detail is questionable. https://wiki.sei.cmu.edu/confluence/display/c/MEM30-C.+Do+not+access+freed+m...
which may result in double-free:
This consequence is also undesirable. https://cwe.mitre.org/data/definitions/415.html
Now I wonder if two update steps are really appropriate as a fix instead of using a single update step for the desired correction in this software module. Should a commit (including previous ones) usually be correct by itself?
Thanks. These two updates fix two different bugs.
One of them is the use-after-free issue introduced by bc3cf17b575a: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?...
- ret = snd_soc_of_get_dai_link_codecs(dev, codec, link); + cpu_dai = of_parse_phandle(cpu, "sound-dai", 0); + of_node_put(cpu); + of_node_put(codec); + + ret = snd_soc_of_get_dai_link_codecs(dev, codec, codec_link); if (ret < 0) goto err_put_codec_n;
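Review bot: in the added lines, `of_node_put(codec);` runs before `codec` is passed to `snd_soc_of_get_dai_link_codecs(dev, codec, codec_link);`, so the node is used after its reference has been dropped. Move both of_node_put() calls below the last use of the nodes. The failure branch still jumps to `err_put_codec_n`; if that label also puts `codec`, the same reference is released twice, so the error path needs to be checked against the new put. The node returned by `of_parse_phandle(cpu, "sound-dai", 0)` carries its own reference, and no matching of_node_put() for `cpu_dai` is visible in these lines.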
and the other is the double-free issue introduced by d832d2b246c5: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/tree/sou... and n303, n308.
So we sent two patches to fix them separately.
-- Regards, Wen
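
The ordering problem discussed in this thread, as an added example that is not part of the original messages or of the kernel source. It is a userland model: `struct node`, `node_put()`, `node_use()` and the two `link_*` functions are hypothetical stand-ins, and the error label is assumed to drop the codec reference a second time.

```c
#include <stdio.h>
/* Userland stand-in for a refcounted device-tree node (hypothetical model). */
struct node { int refcount; int released; };
static int uaf_events;        /* uses after the last reference was dropped */
static int double_put_events; /* puts on an already released node */

static void node_put(struct node *n)
{
    if (n->released) { double_put_events++; return; }
    if (--n->refcount == 0)
        n->released = 1;   /* the kernel would free here; the model only marks */
}

/* Any consumer of the node, such as a codec lookup; fails when asked to. */
static int node_use(struct node *n, int fail)
{
    if (n->released)
        uaf_events++;
    return fail ? -1 : 0;
}

/* Ordering of the quoted hunk; assumes the error label puts codec again. */
static int link_buggy(struct node *cpu, struct node *codec, int fail)
{
    node_put(cpu);
    node_put(codec);
    if (node_use(codec, fail) == 0)
        return 0;
    node_put(codec);       /* err_put_codec_n (assumed behaviour) */
    return -1;
}

/* Corrected ordering: last use first, then exactly one put per reference. */
static int link_fixed(struct node *cpu, struct node *codec, int fail)
{
    int ret = node_use(codec, fail);
    node_put(codec);
    node_put(cpu);
    return ret;
}

/* Runs one variant on fresh nodes; returns uaf_events * 10 + double_put_events. */
static int run(int (*fn)(struct node *, struct node *, int), int fail)
{
    struct node cpu = { 1, 0 }, codec = { 1, 0 };
    uaf_events = double_put_events = 0;
    fn(&cpu, &codec, fail);
    return uaf_events * 10 + double_put_events;
}
int main(void) { printf("buggy %d, fixed %d\n", run(link_buggy, 1), run(link_fixed, 1)); return 0; }
```

The model keeps the released node's memory so that both violations can be counted instead of crashing; in the kernel the same ordering touches freed memory.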