From c0a333d842ef67ac04adc72ff79dc1ccc3dca4ed Mon Sep 17 00:00:00 2001
From: Navid Emamdoost <navid.emamdoost@gmail.com>
Date: Sun, 27 Oct 2019 14:48:47 -0500
Subject: [PATCH] ASoC: SOF: Fix memory leak in sof_dfsentry_write
Git-commit: c0a333d842ef67ac04adc72ff79dc1ccc3dca4ed
Patch-mainline: v5.4-rc7
References: git-fixes, CVE-2019-18812, bsc#1156277

In the implementation of sof_dfsentry_write() memory allocated for
string is leaked in case of an error. Go to error handling path if the
d_name.name is not valid.

Fixes: 091c12e1f50c ("ASoC: SOF: debug: add new debugfs entries for IPC flood test")
Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
Link: https://lore.kernel.org/r/20191027194856.4056-1-navid.emamdoost@gmail.com
Signed-off-by: Mark Brown <broonie@kernel.org>
Acked-by: Takashi Iwai <tiwai@suse.de>

---
 sound/soc/sof/debug.c |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

--- a/sound/soc/sof/debug.c
+++ b/sound/soc/sof/debug.c
@@ -150,8 +150,10 @@ static ssize_t sof_dfsentry_write(struct
 	 * in the debugfs entry.
 	 */
 	if (strcmp(dfse->dfsentry->d_name.name, "ipc_flood_count") &&
-	    strcmp(dfse->dfsentry->d_name.name, "ipc_flood_duration_ms"))
-		return -EINVAL;
+	    strcmp(dfse->dfsentry->d_name.name, "ipc_flood_duration_ms")) {
+		ret = -EINVAL;
+		goto out;
+	}
 
 	if (!strcmp(dfse->dfsentry->d_name.name, "ipc_flood_duration_ms"))
 		flood_duration_test = true;