The kcalloc() in of_pci_prop_intr_map() will return null if
the physical memory has run out. As a result, both int_map
and mapp will point to the null area. If we dereference mapp,
the null pointer dereference bugs will happen.
Return -ENOMEM from of_pci_prop_intr_map() if kcalloc() fails
for int_map.
Fixes: 407d1a51921e ("PCI: Create device tree node for bridge")
Signed-off-by: Duoming Zhou <[email protected]>
---
drivers/pci/of_property.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/pci/of_property.c b/drivers/pci/of_property.c
index c2c7334152b..03539e50537 100644
--- a/drivers/pci/of_property.c
+++ b/drivers/pci/of_property.c
@@ -238,6 +238,8 @@ static int of_pci_prop_intr_map(struct pci_dev *pdev, struct of_changeset *ocs,
return 0;
int_map = kcalloc(map_sz, sizeof(u32), GFP_KERNEL);
+ if (!int_map)
+ return -ENOMEM;
mapp = int_map;
list_for_each_entry(child, &pdev->subordinate->devices, bus_list) {
--
2.17.1