Received: by 10.213.65.68 with SMTP id h4csp245748imn; Fri, 16 Mar 2018 01:34:08 -0700 (PDT) X-Google-Smtp-Source: AG47ELuL6QmmmDH28Q9Xeoty8+V5Xb7hM1qOnhgZJkzXSBnLt+jabuToM8xGnpo3lNvp7BA3V8xx X-Received: by 2002:a17:902:5ac2:: with SMTP id g2-v6mr1166750plm.138.1521189248051; Fri, 16 Mar 2018 01:34:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521189248; cv=none; d=google.com; s=arc-20160816; b=XeUIvcFciV48E+hfpBUtScNpKcU3kixpJ0SIXWrpf0WygyucEw9ljD52CQdBEZp1Lt UgIq0pUGQd93k/Y5PQLcvo19wZ03JecBGU11clRtmjqQGlCru4f67u4caADeeedNULg/ tMsxkxa2C8rJHOvhLbBC9/yCrSgo6cXnxrYzpswG9KaNFzOWKJzYSY4Dnpb9LD8zMHDz b4/GNr+QUg4hFy8qeu1Qbx1Et+A3oJwWnB+6RAmrkRgTMsL8xXXGkCUVCbZJpqW0xKyv R3XVGQSj4Dia6+VwGwaW/KMmoBwx4XsxeZyiU5Vu5Q6f+s/+S+4xjPAJTGCbRKOC1K63 HCXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=LLsV9QOUkU9k5FYBV5iH07mDwxPzAYKbrTGH7lGxVa4=; b=bEZ7dw4sg6/8OLnvmYgMrJLhvoC7IRTehfiGOthMwEM5ByVWn2u7WiVRXP+U4degHQ ExxcA4qM0k/s+xE87yimmsCiofY7lK384S8BYQMpOZerdepeFu9zh1oY4iZ9S946WsCI eEpF11UbJ6ao6IM1H+NlNAygwQuiK08rQtDxh7AVcETRkkGdR6FQRZZsH+1MmzH2FCn7 R4ssjbTVaGi6bxZk/PSBNORn9EbvzsvA8XPTiIhTiQS1Y6vIhf1/0NIOOijiWhwERBEC 4QrsIcgia8iT7WAmsCCJlbfI94RwssELI4ge0wCiccrAX2GC4z7T8usSP4JSvWNgGCjQ u/HQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=gUfNW0XE; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a9-v6si5794243pln.89.2018.03.16.01.33.53; Fri, 16 Mar 2018 01:34:08 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=gUfNW0XE; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752421AbeCPIc5 (ORCPT + 99 others); Fri, 16 Mar 2018 04:32:57 -0400 Received: from aserp2120.oracle.com ([141.146.126.78]:59262 "EHLO aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750748AbeCPIcx (ORCPT ); Fri, 16 Mar 2018 04:32:53 -0400 Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w2G7uNBP113479; Fri, 16 Mar 2018 08:32:46 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc : subject : message-id : references : mime-version : content-type : in-reply-to; s=corp-2017-10-26; bh=LLsV9QOUkU9k5FYBV5iH07mDwxPzAYKbrTGH7lGxVa4=; b=gUfNW0XEXUVms2hhUEd7GwdYRYfxwHQFgMNhUDr/4fFnwYPXR6HawlpvFyfVI/nZoiVg 3NEv1kXFokoInHQPNIWKjPyGFYW9QIazjvjaC/dbjG57RhB6BjiJJ0yfga61jFmRIMr/ JoMYlNRwQYgHyy5HbBP5XhMom7i7qE1suaZ7MrpekAHvXpVOim4EdxOHrlFEsdUVkECx DLx1gTs+UPWsR88KCVOx8E6eg+6asr3qhQoqfMUfiikk1gdO/e8xqr3ymyCuaYQEK/pS LbqPgNohBZSw89BtG9yxAaK/Yr/AAROdJpN+UrqFW8rPvW2uj8HUKJdWuoMoNOfqu1jQ LA== Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234]) by aserp2120.oracle.com with ESMTP id 2gr9y803jr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 16 Mar 2018 08:32:45 +0000 Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w2G8Wisr028790 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 16 Mar 2018 08:32:45 GMT Received: from abhmp0013.oracle.com (abhmp0013.oracle.com [141.146.116.19]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w2G8WiU1009515; Fri, 16 Mar 2018 08:32:44 GMT Received: from mwanda (/197.254.35.146) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 16 Mar 2018 01:32:43 -0700 Date: Fri, 16 Mar 2018 11:32:34 +0300 From: Dan Carpenter To: Ji-Hun Kim Cc: mchehab@kernel.org, devel@driverdev.osuosl.org, gregkh@linuxfoundation.org, kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org, arvind.yadav.cs@gmail.com, linux-media@vger.kernel.org Subject: Re: [PATCH] staging: media: davinci_vpfe: add error handling on kmalloc failure Message-ID: <20180316083234.yq7a4rx6w35amflu@mwanda> References: <1521176303-17546-1-git-send-email-ji_hun.kim@samsung.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1521176303-17546-1-git-send-email-ji_hun.kim@samsung.com> User-Agent: NeoMutt/20170609 (1.8.3) X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8833 signatures=668690 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=2 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1803160005 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Mar 16, 2018 at 01:58:23PM +0900, Ji-Hun Kim wrote: > There is no failure checking on the param value which will be allocated > memory by kmalloc. Add a null pointer checking statement. Then goto error: > and return -ENOMEM error code when kmalloc is failed. > > Signed-off-by: Ji-Hun Kim > --- > drivers/staging/media/davinci_vpfe/dm365_ipipe.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/drivers/staging/media/davinci_vpfe/dm365_ipipe.c b/drivers/staging/media/davinci_vpfe/dm365_ipipe.c > index 6a3434c..55a922c 100644 > --- a/drivers/staging/media/davinci_vpfe/dm365_ipipe.c > +++ b/drivers/staging/media/davinci_vpfe/dm365_ipipe.c > @@ -1280,6 +1280,10 @@ static int ipipe_s_config(struct v4l2_subdev *sd, struct vpfe_ipipe_config *cfg) > > params = kmalloc(sizeof(struct ipipe_module_params), > GFP_KERNEL); > + if (!params) { > + rval = -ENOMEM; > + goto error; ^^^^^^^^^^ What does "goto error" do, do you think? It's not clear from the name. When you have an unclear goto like this it often means the error handling is going to be buggy. In this case, it does nothing so a direct "return -ENOMEM;" would be more clear. But the rest of the error handling is buggy. 1263 static int ipipe_s_config(struct v4l2_subdev *sd, struct vpfe_ipipe_config *cfg) 1264 { 1265 struct vpfe_ipipe_device *ipipe = v4l2_get_subdevdata(sd); 1266 unsigned int i; 1267 int rval = 0; 1268 1269 for (i = 0; i < ARRAY_SIZE(ipipe_modules); i++) { 1270 unsigned int bit = 1 << i; 1271 1272 if (cfg->flag & bit) { 1273 const struct ipipe_module_if *module_if = 1274 &ipipe_modules[i]; 1275 struct ipipe_module_params *params; 1276 void __user *from = *(void * __user *) 1277 ((void *)cfg + module_if->config_offset); 1278 size_t size; 1279 void *to; 1280 1281 params = kmalloc(sizeof(struct ipipe_module_params), 1282 GFP_KERNEL); Do a direct return: if (!params) return -ENOMEM; 1283 to = (void *)params + module_if->param_offset; 1284 size = module_if->param_size; 1285 1286 if (to && from && size) { 1287 if (copy_from_user(to, from, size)) { 1288 rval = -EFAULT; 1289 break; The most recent thing we allocated is "params" so lets do a "goto free_params;". We'll have to declare "params" at the start of the function instead inside this block. 1290 } 1291 rval = module_if->set(ipipe, to); 1292 if (rval) 1293 goto error; goto free_params again since params is still the most recent thing we allocated. 1294 } else if (to && !from && size) { 1295 rval = module_if->set(ipipe, NULL); 1296 if (rval) 1297 goto error; And here again goto free_params. 1298 } 1299 kfree(params); 1300 } 1301 } 1302 error: 1303 return rval; Change this to: return 0; free_params: kfree(params); return rval; 1304 } regards, dan carpenter