USB: wusbcore: fix usb_dev leaks

cbaf_probe() does cbaf->usb_dev = usb_get_dev(interface_to_usbdev(iface)),
but there is no usb_put_dev() anywhere in cbaf.

The patch adds usb_put_dev() to cbaf_disconnect() and to an error path in cbaf_probe().
Also it adds missed usb_put_intf(iface) to the error path.

Found by Linux Driver Verification project (linuxtesting.org).

Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/usb/wusbcore/cbaf.c b/drivers/usb/wusbcore/cbaf.c
index 010f990..f06ed82 100644 (file)
--- a/drivers/usb/wusbcore/cbaf.c
+++ b/drivers/usb/wusbcore/cbaf.c
@@ -623,6 +623,8 @@ static int cbaf_probe(struct usb_interface *iface,
 
 error_create_group:
 error_check:
+       usb_put_intf(iface);
+       usb_put_dev(cbaf->usb_dev);
        kfree(cbaf->buffer);
 error_kmalloc_buffer:
        kfree(cbaf);
@@ -637,6 +639,7 @@ static void cbaf_disconnect(struct usb_interface *iface)
        sysfs_remove_group(&dev->kobj, &cbaf_dev_attr_group);
        usb_set_intfdata(iface, NULL);
        usb_put_intf(iface);
+       usb_put_dev(cbaf->usb_dev);
        kfree(cbaf->buffer);
        /* paranoia: clean up crypto keys */
        kzfree(cbaf);