[ACPI] fix kmalloc size bug in acpi/video.c

acpi_video_device_find_cap() used &p instead of *p
when calculating storage size, thus allocating
only 4 or 8 bytes instead of 12...

Also, kfree(NULL) is legal, so remove some unneeded checks.

From: Paulo Marques <pmarques@grupopie.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Len Brown <len.brown@intel.com>

1 files changed, 6 insertions, 7 deletions

diff --git a/drivers/acpi/video.c b/drivers/acpi/video.c
index b3b352b8330a..2cf264fd52e0 100644
--- a/drivers/acpi/video.c
+++ b/drivers/acpi/video.c
@@ -564,12 +564,13 @@ acpi_video_device_find_cap (struct acpi_video_device *device)
                 int count = 0;
                 union acpi_object *o;
                 
-                br = kmalloc(sizeof &br, GFP_KERNEL);
+                br = kmalloc(sizeof(*br), GFP_KERNEL);
                 if (!br) {
                         printk(KERN_ERR "can't allocate memory\n");
                 } else {
-                        memset(br, 0, sizeof &br);
-                        br->levels = kmalloc(obj->package.count * sizeof &br->levels, GFP_KERNEL);
+                        memset(br, 0, sizeof(*br));
+                        br->levels = kmalloc(obj->package.count *
+                                        sizeof *(br->levels), GFP_KERNEL);
                         if (!br->levels)
                                 goto out;
 
@@ -584,8 +585,7 @@ acpi_video_device_find_cap (struct acpi_video_device *device)
                         }
 out:
                         if (count < 2) {
-                                if (br->levels)
-                                        kfree(br->levels);
+                                kfree(br->levels);
                                 kfree(br);
                         } else {
                                 br->count = count;
@@ -595,8 +595,7 @@ out:
                 }
         }
 
-        if (obj)
-                kfree(obj);
+        kfree(obj);
 
         return_VOID;
 }