[PATCH v3 3/3] device property: avoid allocations of 0 length
From: Andy Shevchenko
Date: Tue Dec 29 2015 - 06:08:04 EST
Arrays can not have zero elements by definition of the unified device
properties. If such property comes from outside we should not allow it to pass.
Otherwise memory allocation on 0 length will return non-NULL value, which we
currently don't check.
Prevent memory allocations of 0 length.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>
---
drivers/base/property.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/base/property.c b/drivers/base/property.c
index b3429cc..c359351 100644
--- a/drivers/base/property.c
+++ b/drivers/base/property.c
@@ -653,6 +653,9 @@ int fwnode_property_match_string(struct fwnode_handle *fwnode,
if (nval < 0)
return nval;
+ if (nval == 0)
+ return -ENODATA;
+
values = kcalloc(nval, sizeof(*values), GFP_KERNEL);
if (!values)
return -ENOMEM;
@@ -718,6 +721,9 @@ static int pset_copy_entry(struct property_entry *dst,
return -ENOMEM;
if (src->is_array) {
+ if (!src->length)
+ return -ENODATA;
+
if (src->is_string) {
nval = src->length / sizeof(const char *);
dst->pointer.str = kcalloc(nval, sizeof(const char *),
--
2.6.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/