2021-12-31 09:33:40

by Jiasheng Jiang

[permalink] [raw]
Subject: [PATCH] RDMA/uverbs: Check for null return of kmalloc_array

Because of the possible failure of the allocation, data might be NULL
pointer and will cause the dereference of the NULL pointer later.
Therefore, it might be better to check it and return -ENOMEM.

Fixes: 6884c6c4bd09 ("RDMA/verbs: Store the write/write_ex uapi entry points in the uverbs_api")
Signed-off-by: Jiasheng Jiang <[email protected]>
---
drivers/infiniband/core/uverbs_uapi.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/drivers/infiniband/core/uverbs_uapi.c b/drivers/infiniband/core/uverbs_uapi.c
index 62f5bcb712cf..1e71925613cc 100644
--- a/drivers/infiniband/core/uverbs_uapi.c
+++ b/drivers/infiniband/core/uverbs_uapi.c
@@ -447,6 +447,9 @@ static int uapi_finalize(struct uverbs_api *uapi)
uapi->num_write_ex = max_write_ex + 1;
data = kmalloc_array(uapi->num_write + uapi->num_write_ex,
sizeof(*uapi->write_methods), GFP_KERNEL);
+ if (!data)
+ return -ENOMEM;
+
for (i = 0; i != uapi->num_write + uapi->num_write_ex; i++)
data[i] = &uapi->notsupp_method;
uapi->write_methods = data;
--
2.25.1



2022-01-03 11:56:16

by Leon Romanovsky

[permalink] [raw]
Subject: Re: [PATCH] RDMA/uverbs: Check for null return of kmalloc_array

On Fri, Dec 31, 2021 at 05:33:15PM +0800, Jiasheng Jiang wrote:
> Because of the possible failure of the allocation, data might be NULL
> pointer and will cause the dereference of the NULL pointer later.
> Therefore, it might be better to check it and return -ENOMEM.
>
> Fixes: 6884c6c4bd09 ("RDMA/verbs: Store the write/write_ex uapi entry points in the uverbs_api")
> Signed-off-by: Jiasheng Jiang <[email protected]>
> ---
> drivers/infiniband/core/uverbs_uapi.c | 3 +++
> 1 file changed, 3 insertions(+)
>

Thanks,
Reviewed-by: Leon Romanovsky <[email protected]>

2022-01-05 18:24:43

by Jason Gunthorpe

[permalink] [raw]
Subject: Re: [PATCH] RDMA/uverbs: Check for null return of kmalloc_array

On Fri, Dec 31, 2021 at 05:33:15PM +0800, Jiasheng Jiang wrote:
> Because of the possible failure of the allocation, data might be NULL
> pointer and will cause the dereference of the NULL pointer later.
> Therefore, it might be better to check it and return -ENOMEM.
>
> Fixes: 6884c6c4bd09 ("RDMA/verbs: Store the write/write_ex uapi entry points in the uverbs_api")
> Signed-off-by: Jiasheng Jiang <[email protected]>
> Reviewed-by: Leon Romanovsky <[email protected]>
> ---
> drivers/infiniband/core/uverbs_uapi.c | 3 +++
> 1 file changed, 3 insertions(+)

Applied to for-rc, thanks

Jason