[media] media, tlg2300: Fix memory leak in alloc_bulk_urbs_generic()

Hi,

While reading
drivers/media/video/tlg2300/pd-video.c::alloc_bulk_urbs_generic() I
noticed that

 - We don't free the memory allocated to 'urb' if the call to
   usb_alloc_coherent() fails.
 - If the 'num' argument to the function is ever <= 0 we'll return an
   uninitialized variable 'i' to the caller.

The following patch addresses both of the above by a) calling
usb_free_urb() when usb_alloc_coherent() fails and by explicitly
initializing 'i' to zero.
I also moved the variables 'mem' and 'urb' inside the for loop. This does
not actually make any difference, it just seemed more correct to me to let
variables exist only in the innermost scope they are used.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Acked-by: Huang Shijie <shijie8@gmail.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>

drivers/media/video/tlg2300/pd-video.c

@@ -512,19 +512,20 @@ int alloc_bulk_urbs_generic(struct urb **urb_array, int num,
 			int buf_size, gfp_t gfp_flags,
 			usb_complete_t complete_fn, void *context)
 {
-	struct urb *urb;
-	void *mem;
-	int i;
+	int i = 0;
 
-	for (i = 0; i < num; i++) {
-		urb = usb_alloc_urb(0, gfp_flags);
+	for (; i < num; i++) {
+		void *mem;
+		struct urb *urb = usb_alloc_urb(0, gfp_flags);
 		if (urb == NULL)
 			return i;
 
 		mem = usb_alloc_coherent(udev, buf_size, gfp_flags,
 					 &urb->transfer_dma);
-		if (mem == NULL)
+		if (mem == NULL) {
+			usb_free_urb(urb);
 			return i;
+		}
 
 		usb_fill_bulk_urb(urb, udev, usb_rcvbulkpipe(udev, ep_addr),
 				mem, buf_size, complete_fn, context);