Hi,
The INFTL mount code contains a kmalloc() followed by a memset() without
handling a possible memory allocation failure.
Signed-off-by: <[email protected]>
diff -pruN linux-2.6.11-orig/drivers/mtd/inftlmount.c linux-2.6.11-pi/drivers/mtd/inftlmount.c
--- linux-2.6.11-orig/drivers/mtd/inftlmount.c 2005-03-05 03:08:52.000000000 +0100
+++ linux-2.6.11-pi/drivers/mtd/inftlmount.c 2005-03-06 18:17:15.000000000 +0100
@@ -574,6 +574,12 @@ int INFTL_mount(struct INFTLrecord *s)
/* Temporary buffer to store ANAC numbers. */
ANACtable = kmalloc(s->nb_blocks * sizeof(u8), GFP_KERNEL);
+ if (!ANACtable) {
+ printk(KERN_WARNING "INFTL: allocation of ANACtable "
+ "failed (%zd bytes)\n",
+ s->nb_blocks * sizeof(u8));
+ return -ENOMEM;
+ }
memset(ANACtable, 0, s->nb_blocks);
/*
Hi Panagiotis,
Panagiotis Issaris wrote:
> The INFTL mount code contains a kmalloc() followed by a memset() without
> handling a possible memory allocation failure.
>
> Signed-off-by: <[email protected]>
OK, that looks good.
Dave do you want to take this, or do you want me to submit it?
Regards
Greg
> diff -pruN linux-2.6.11-orig/drivers/mtd/inftlmount.c linux-2.6.11-pi/drivers/mtd/inftlmount.c
> --- linux-2.6.11-orig/drivers/mtd/inftlmount.c 2005-03-05 03:08:52.000000000 +0100
> +++ linux-2.6.11-pi/drivers/mtd/inftlmount.c 2005-03-06 18:17:15.000000000 +0100
> @@ -574,6 +574,12 @@ int INFTL_mount(struct INFTLrecord *s)
>
> /* Temporary buffer to store ANAC numbers. */
> ANACtable = kmalloc(s->nb_blocks * sizeof(u8), GFP_KERNEL);
> + if (!ANACtable) {
> + printk(KERN_WARNING "INFTL: allocation of ANACtable "
> + "failed (%zd bytes)\n",
> + s->nb_blocks * sizeof(u8));
> + return -ENOMEM;
> + }
> memset(ANACtable, 0, s->nb_blocks);
>
> /*
>
--
------------------------------------------------------------------------
Greg Ungerer -- Chief Software Dude EMAIL: [email protected]
SnapGear -- a CyberGuard Company PHONE: +61 7 3435 2888
825 Stanley St, FAX: +61 7 3891 3630
Woolloongabba, QLD, 4102, Australia WEB: http://www.SnapGear.com