2023-03-30 20:07:10

by Danila Chernetsov


Date: Thu, 30 Mar 2023 18:44:28 +0000
Subject: [PATCH 5.10 0/1] staging: rtl8192u: Add null check in rtl8192_usb_initendpoints

SVACE reports that the return value of the function 'usb_alloc_urb' is
dereferenced without checking for null in 5.10 stable releases.
The problem has been fixed by the following patch, which can be cleanly
applied to the 5.10 branch.

Found by Linux Verification Center (linuxtesting.org) with SVACE.


2023-03-30 20:07:46

by Danila Chernetsov


Date: Thu, 30 Mar 2023 18:44:28 +0000
Subject: [PATCH 5.10 1/1] staging: rtl8192u: Add null check in rtl8192_usb_initendpoints

From: Dinghao Liu <[email protected]>

commit 4d5f81506835f7c1e5c71787bed84984faf05884 upstream.

There is an allocation for priv->rx_urb[16] that has no null check,
which may lead to a null pointer dereference.

Signed-off-by: Dinghao Liu <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Greg Kroah-Hartman <[email protected]>
Signed-off-by: Danila Chernetsov <[email protected]>
---
drivers/staging/rtl8192u/r8192U_core.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl8192u/r8192U_core.c
index 7f90af8a7c7c..e0fec7d172da 100644
--- a/drivers/staging/rtl8192u/r8192U_core.c
+++ b/drivers/staging/rtl8192u/r8192U_core.c
@@ -1608,6 +1608,8 @@ static short rtl8192_usb_initendpoints(struct net_device *dev)
void *oldaddr, *newaddr;

priv->rx_urb[16] = usb_alloc_urb(0, GFP_KERNEL);
+ if (!priv->rx_urb[16])
+ return -ENOMEM;
priv->oldaddr = kmalloc(16, GFP_KERNEL);
if (!priv->oldaddr)
return -ENOMEM;
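
Review bot: the unchanged `if (!priv->oldaddr) return -ENOMEM;` just below the added check returns without releasing `priv->rx_urb[16]`, which at that point is known to be a valid URB. Nothing in this hunk frees it, so please confirm that the caller's error path calls usb_free_urb() on it, or free it here before returning. The added check itself matches the existing -ENOMEM convention and fits the function's `short` return type.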
--
2.25.1