kmalloc allocates memory for dest->name and attempts to call
memcpy without a check for failure. This patch avoids such a scenario.
Signed-off-by: Aditya Pakki <[email protected]>
---
net/ceph/osdmap.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/ceph/osdmap.c b/net/ceph/osdmap.c
index 48a31dc9161c..c76a7c7e6a77 100644
--- a/net/ceph/osdmap.c
+++ b/net/ceph/osdmap.c
@@ -1901,6 +1901,8 @@ void ceph_oid_copy(struct ceph_object_id *dest,
} else {
dest->name = dest->inline_name;
}
+ if (!dest->name)
+ return;
memcpy(dest->name, src->name, src->name_len + 1);
dest->name_len = src->name_len;
}
--
2.17.1
Aditya Pakki <[email protected]> writes:
> kmalloc allocates memory for dest->name and attempts to call
> memcpy without a check for failure. This patch avoids such a scenario.
Since kmalloc is being invoked with the __GFP_NOFAIL flag, it will never
fail. Thus, there's no point in checking for NULL in this case.
Cheers,
--
Luis
>
> Signed-off-by: Aditya Pakki <[email protected]>
> ---
> net/ceph/osdmap.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/net/ceph/osdmap.c b/net/ceph/osdmap.c
> index 48a31dc9161c..c76a7c7e6a77 100644
> --- a/net/ceph/osdmap.c
> +++ b/net/ceph/osdmap.c
> @@ -1901,6 +1901,8 @@ void ceph_oid_copy(struct ceph_object_id *dest,
> } else {
> dest->name = dest->inline_name;
> }
> + if (!dest->name)
> + return;
> memcpy(dest->name, src->name, src->name_len + 1);
> dest->name_len = src->name_len;
> }