Re: [PATCH] mfd: core: Fix possible ZERO_SIZE_PTR pointer dereferencing error.

From: Lee Jones
Date: Mon Oct 06 2014 - 17:14:54 EST

Next message: Lee Jones: "Re: [PATCH v2 2/2] dt: bindings: tps65217: add compatible property for subnodes"
Previous message: Pavel Machek: "Re: 3.17-rc5: kernel oops when exiting X under heavy load"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 18 Sep 2014, Xiubo Li wrote:

> Since we cannot make sure the 'cell->num_resources' will always be none
> zero here, and then if either equal to zero, the kzalloc() will return
> ZERO_SIZE_PTR, which equals to ((void *)16).
>
> So this patch fix this with just doing the zero check before calling
> kzalloc().
>
> Signed-off-by: Xiubo Li <Li.Xiubo@xxxxxxxxxxxxx>
> ---
> drivers/mfd/mfd-core.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/mfd/mfd-core.c b/drivers/mfd/mfd-core.c
> index 892d343..54c7e35 100644
> --- a/drivers/mfd/mfd-core.c
> +++ b/drivers/mfd/mfd-core.c
> @@ -89,6 +89,9 @@ static int mfd_add_device(struct device *parent, int id,
> int ret = -ENOMEM;
> int r;
>
> + if (!cell->num_resources)
> + return -EINVAL;

Resources are not compulsory.

> pdev = platform_device_alloc(cell->name, id + cell->id);
> if (!pdev)
> goto fail_alloc;

--
Lee Jones
Linaro STMicroelectronics Landing Team Lead
Linaro.org â Open source software for ARM SoCs
Follow Linaro: Facebook | Twitter | Blog
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Lee Jones: "Re: [PATCH v2 2/2] dt: bindings: tps65217: add compatible property for subnodes"
Previous message: Pavel Machek: "Re: 3.17-rc5: kernel oops when exiting X under heavy load"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]