Re: [PATCH v3] ALSA: ymfpci: Handle return NULL error from ioremap_nocache

From: Takashi Iwai
Date: Wed Jan 25 2017 - 16:31:25 EST

Next message: Ben Hutchings: "Re: [PATCH 2/2] fs: Harden against open(..., O_CREAT, 02777) in a setgid directory"
Previous message: Mark Brown: "Re: [PATCH 0/7] Implement generic regulator constraints parsing for ACPI and OF"
In reply to: Arvind Yadav: "[PATCH v3] ALSA: ymfpci: Handle return NULL error from ioremap_nocache"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 24 Jan 2017 06:31:26 +0100,
Arvind Yadav wrote:
>
> Here, If ioremap_nocache will fail. It will return NULL.
> Kernel can run into a NULL-pointer dereference.
> This error check will avoid NULL pointer dereference.
>
> Signed-off-by: Arvind Yadav <arvind.yadav.cs@xxxxxxxxx>
> ---
> sound/pci/ymfpci/ymfpci_main.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/sound/pci/ymfpci/ymfpci_main.c b/sound/pci/ymfpci/ymfpci_main.c
> index ffee284..8be1f07 100644
> --- a/sound/pci/ymfpci/ymfpci_main.c
> +++ b/sound/pci/ymfpci/ymfpci_main.c
> @@ -2392,6 +2392,10 @@ int snd_ymfpci_create(struct snd_card *card,
> chip->rev = pci->revision;
> chip->reg_area_phys = pci_resource_start(pci, 0);
> chip->reg_area_virt = ioremap_nocache(chip->reg_area_phys, 0x8000);
> + if (!chip->reg_area_virt) {
> + snd_ymfpci_free(chip);

The function calls iounmap() unconditionally, so it's not appropriate
to call as is. You need to fix snd_ymfpci_free() as well to check
NULL before iounmap(). Or, call here kfree() and pci_disable_device()
explicitly instead of a full destructor.

thanks,

Takashi

Next message: Ben Hutchings: "Re: [PATCH 2/2] fs: Harden against open(..., O_CREAT, 02777) in a setgid directory"
Previous message: Mark Brown: "Re: [PATCH 0/7] Implement generic regulator constraints parsing for ACPI and OF"
In reply to: Arvind Yadav: "[PATCH v3] ALSA: ymfpci: Handle return NULL error from ioremap_nocache"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]