Received: by 10.213.65.68 with SMTP id h4csp253305imn; Wed, 28 Mar 2018 02:57:38 -0700 (PDT) X-Google-Smtp-Source: AIpwx4/3A+czsZfls65SKDedlPhcrXPqXJ6p2U75S3xjLf0iAjouAcKz8dr5zlEdu9az8VrirzUO X-Received: by 2002:a17:902:bc41:: with SMTP id t1-v6mr3088638plz.56.1522231058103; Wed, 28 Mar 2018 02:57:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522231058; cv=none; d=google.com; s=arc-20160816; b=qz0WT5GmtU637F3VHoPZi250Aj3pH3S/TzyJrZJZJ0jQe93ul9fhMHxJa+lXh6GeZf NQm4e7ZCK5vlILP0fXBfTUtCo4CgYdlmjohJSEC2c9o+wT+D2EGZ1EL0WKd2cOP0GBoC TaRcsZIII7jiMN0wnzNIACNwAb7jLrouWW7eOWfspR/Cs28iKvm+WsHBnd0uCH3EuaFt gcI9yueW1Uiw371lEGYry7XBq59Ji1NKP9HFhIb8sR0fEfb2NwEAuBQNVBhj3UGWIMh3 CsBeYesfRwbAOkfv9xYEox1guvoJmypPukS1Dl4ONzAXZlPvLGmxNOhGN3QUW8WdvL5D uOxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=9nlIYkKJILhWZxGa0Lw/xLED7Fsxiuc2PoB6bHUZI5o=; b=n9ijax2w4cml9GmbkZkZR+vBjWs4+bd3vk5pzistgLJweoSvS2ClJn0n3WCev51b8s 1R0ZWO8Sc/We8aJZm6e8n7LFybnaeCjC85+ObEDbPjn3DT3eChwjKu5otJNzDtO3aZUg NHsflIduX0mnjPNc+7Axr/E2+gf4iKuvMgAO/OwOSMHMxjMYO8zXwYTt+jnUP+hLyCMz 7SsM4Jbe2GCbf3B6dhgDeENBh17Ru1pX/KSH1eW82ap/ufsXD+qCzHmXLdCJ7vGPuV1H vm9g4bqMnG1NDFoKC8jGKDonP4R9hSu19J8klx3QIIWjCSm6FD6pcHMIUwwjkjum+nOb FhRA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=KhgCVOGs; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n2si2295290pgs.31.2018.03.28.02.57.23; Wed, 28 Mar 2018 02:57:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=KhgCVOGs; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752754AbeC1J4S (ORCPT + 99 others); Wed, 28 Mar 2018 05:56:18 -0400 Received: from mail-io0-f195.google.com ([209.85.223.195]:37860 "EHLO mail-io0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752297AbeC1J4R (ORCPT ); Wed, 28 Mar 2018 05:56:17 -0400 Received: by mail-io0-f195.google.com with SMTP id y128so2820696iod.4; Wed, 28 Mar 2018 02:56:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=9nlIYkKJILhWZxGa0Lw/xLED7Fsxiuc2PoB6bHUZI5o=; b=KhgCVOGsDurK+fQc2EkEj6QnUZ82/05L9ljytZRay9J+dLNtKhBNR/LkI5rsikrSFi 2bgZf6s+/T8ueOdVEHltqLl47x65bpKwh+0HdPkXXTROvOXYNIyYz3MryyVB5C9E7QEP T+xJaZHxrHsWbr/ms1S9UmAoXxDisSFut6zJ9aHvtX9cglrKOD/OmiGdy5bOrcX8Kx8k 0jIGWOCege/a3zLIpMVua8BBnJPBWTz82gGmK37NBS+G5iFDSJFEg9Q4wbXgl8QTso9i MXYJm0Ny1jJ4eYvdOKHN/g1y5+ohPYWVySsSHoGAjP0sGmT7dMw2vgdeRbuBySB3EDME KH4g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=9nlIYkKJILhWZxGa0Lw/xLED7Fsxiuc2PoB6bHUZI5o=; b=H8jaFV38ZpofdKcteaeQnHmy3B72jnobdpFD3MnjJc+Z4E1aAcLL22ADPzUNevYyy2 o4ep1w42DjkDW9YnP9xseOVYYI42UXpgO2XNzKjAoLzIlmtLMFmQZ8gpW4xHMLPN2yom ap/Xk8CvzKIMQtSd2foWUndlQwLQsKu5mMZwLpmStQKWSe0FxxisMfDeBz8QCuEn5heS E2KXyX+RIxhXtkFI1DwqP1ZvzjJLHg6V5JAySiI1Re+Qx1YHCpO3c8PBKMaDQxN9hk0l VQIISWfWBRaUKK2pksfLwoxqqf6zwU+doajnEGWZsinYRq8Vl/KFJkzBStnUit1D22tu OrLA== X-Gm-Message-State: AElRT7HLdZSsfPN8dBCKuH6Du2/4yDFmuZLONde9gfkO/Qf6UYR+pl9Z hYsWNejakyp2Wl+Y1MQIEQbR6P/k X-Received: by 10.107.179.134 with SMTP id c128mr47539220iof.278.1522230976183; Wed, 28 Mar 2018 02:56:16 -0700 (PDT) Received: from ?IPv6:2402:f000:1:1501:200:5efe:166.111.70.50? ([2402:f000:1:1501:200:5efe:a66f:4632]) by smtp.gmail.com with ESMTPSA id q126sm2304122iof.68.2018.03.28.02.56.09 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 28 Mar 2018 02:56:15 -0700 (PDT) Subject: Re: [PATCH] staging: vt6655: check for memory allocation failures To: Ji-Hun Kim , gregkh@linuxfoundation.org, forest@alittletooquiet.net Cc: dartnorris@gmail.com, santhameena13@gmail.com, julia.lawall@lip6.fr, y.k.oh@samsung.com, devel@driverdev.osuosl.org, linux-kernel@vger.kernel.org, kernel-janitors@vger.kernel.org References: <1522218691-7917-1-git-send-email-ji_hun.kim@samsung.com> From: Jia-Ju Bai Message-ID: Date: Wed, 28 Mar 2018 17:55:57 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: <1522218691-7917-1-git-send-email-ji_hun.kim@samsung.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2018/3/28 14:31, Ji-Hun Kim wrote: > There are no null pointer checking on rd_info and td_info values which > are allocated by kzalloc. It has potential null pointer dereferencing > issues. Add return when allocation is failed. > > Signed-off-by: Ji-Hun Kim > --- > drivers/staging/vt6655/device_main.c | 12 ++++++++---- > 1 file changed, 8 insertions(+), 4 deletions(-) > > diff --git a/drivers/staging/vt6655/device_main.c b/drivers/staging/vt6655/device_main.c > index fbc4bc6..5d0ba94 100644 > --- a/drivers/staging/vt6655/device_main.c > +++ b/drivers/staging/vt6655/device_main.c > @@ -539,7 +539,8 @@ static void device_init_rd0_ring(struct vnt_private *priv) > i ++, curr += sizeof(struct vnt_rx_desc)) { > desc = &priv->aRD0Ring[i]; > desc->rd_info = kzalloc(sizeof(*desc->rd_info), GFP_KERNEL); > - > + if (WARN_ON(!desc->rd_info)) > + return; > if (!device_alloc_rx_buf(priv, desc)) > dev_err(&priv->pcid->dev, "can not alloc rx bufs\n"); > > @@ -563,7 +564,8 @@ static void device_init_rd1_ring(struct vnt_private *priv) > i ++, curr += sizeof(struct vnt_rx_desc)) { > desc = &priv->aRD1Ring[i]; > desc->rd_info = kzalloc(sizeof(*desc->rd_info), GFP_KERNEL); > - > + if (WARN_ON(!desc->rd_info)) > + return; > if (!device_alloc_rx_buf(priv, desc)) > dev_err(&priv->pcid->dev, "can not alloc rx bufs\n"); > > @@ -621,7 +623,8 @@ static void device_init_td0_ring(struct vnt_private *priv) > i++, curr += sizeof(struct vnt_tx_desc)) { > desc = &priv->apTD0Rings[i]; > desc->td_info = kzalloc(sizeof(*desc->td_info), GFP_KERNEL); > - > + if (WARN_ON(!desc->td_info)) > + return; > desc->td_info->buf = priv->tx0_bufs + i * PKT_BUF_SZ; > desc->td_info->buf_dma = priv->tx_bufs_dma0 + i * PKT_BUF_SZ; > > @@ -646,7 +649,8 @@ static void device_init_td1_ring(struct vnt_private *priv) > i++, curr += sizeof(struct vnt_tx_desc)) { > desc = &priv->apTD1Rings[i]; > desc->td_info = kzalloc(sizeof(*desc->td_info), GFP_KERNEL); > - > + if (WARN_ON(!desc->td_info)) > + return; > desc->td_info->buf = priv->tx1_bufs + i * PKT_BUF_SZ; > desc->td_info->buf_dma = priv->tx_bufs_dma1 + i * PKT_BUF_SZ; > I think the bugs you found are right. But your patch is not correct, because it is dangerous to return directly. I think you should return an error and then implement error handling code for these functions. Best wishes, Jia-Ju Bai