tee: qcomtee: fix uninitialized pointers with free attribute

aheev · jenswi-linaro · commit ac5ae0a5ce22 · 2025-11-14T08:42:07.000+01:00
Uninitialized pointers with `__free` attribute can cause undefined behavior as the memory assigned randomly to the pointer is freed automatically when the pointer goes out of scope. qcomtee doesn't have any bugs related to this as of now, but it is better to initialize and assign pointers with `__free` attribute in one statement to ensure proper scope-based cleanup Reported-by: Dan Carpenter <dan.carpenter@linaro.org> Closes: https://lore.kernel.org/all/aPiG_F5EBQUjZqsl@stanley.mountain/ Signed-off-by: Ally Heev <allyheev@gmail.com> Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
diff --git a/drivers/tee/qcomtee/call.c b/drivers/tee/qcomtee/call.c
@@ -645,7 +645,7 @@ static void qcomtee_get_version(struct tee_device *teedev,
 static void qcomtee_get_qtee_feature_list(struct tee_context *ctx, u32 id,
 					  u32 *version)
 {
-	struct qcomtee_object_invoke_ctx *oic __free(kfree);
+	struct qcomtee_object_invoke_ctx *oic __free(kfree) = NULL;
 	struct qcomtee_object *client_env, *service;
 	struct qcomtee_arg u[3] = { 0 };
 	int result;

Original file line number	Diff line number	Diff line change
`@@ -645,7 +645,7 @@ static void qcomtee_get_version(struct tee_device *teedev,`
`645`	`645`	`static void qcomtee_get_qtee_feature_list(struct tee_context *ctx, u32 id,`
`646`	`646`	`u32 *version)`
`647`	`647`	`{`
`648`		`- struct qcomtee_object_invoke_ctx *oic __free(kfree);`
	`648`	`+ struct qcomtee_object_invoke_ctx *oic __free(kfree) = NULL;`
`649`	`649`	`struct qcomtee_object client_env, service;`
`650`	`650`	`struct qcomtee_arg u[3] = { 0 };`
`651`	`651`	`int result;`