Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp777152imu; Tue, 20 Nov 2018 06:51:36 -0800 (PST) X-Google-Smtp-Source: AFSGD/XUc9i+SzzQijTHTeN3fBaL3yn47pNaUSMeVFOnvkMIYL/yrE3geKjoQ2FlJZlNpmKb3EmG X-Received: by 2002:a17:902:b7c7:: with SMTP id v7mr2536070plz.75.1542725496424; Tue, 20 Nov 2018 06:51:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542725496; cv=none; d=google.com; s=arc-20160816; b=iQ3TY3H/8EWQdMCZA5iEtDcsB8iwRLdPWhh9zzp/7b4LFw9QVYVy3JEs0KeOsTgmwG evP6PZASO001cDu9YW59x4phtTQ2hnESi7PdS+PMJ8gqwoXQfxlA4PVqz1xMcUPKnOZt k/CwpSpiKBWBEic7UUNpiyeCVvSAWSX2pzPjtQuJmne/8RBcadjDTflmSfIHS2jjeH6p oW9DUaeKrFJYbcCr/fJEQ8kZRyRpeyxO+AYqx17nk8Ue0v0nID7hlNGXcPr7ia0+ClSZ 1JPYZum27j9aAG9Kd93+Q5WfttvI7PB3lFA0XQs0rjZo8bqCTXhg63sWSoderyGBwhkn wyHg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from; bh=o7pKC0QQ9aMFt1i+L+h3BeB9CqtNbg5P2Xs7t6PNDBI=; b=mA74heS3AeFg3zR2lFCwBSfOQf4DwdJOh2nk+fHoZq73btjnxdTOkAz4iIUxqx4efE EYI2GK0HZNeKJYyf5pJanTdMn6wCEweRp0LOdyPAhjHmjfAOrLZQLXVVO7lMf0VZ++Tp dtR9vteqHwTYffX83zfp5JcP1IKU/l5K5Kl9jDSs/cPG+mBYVfxx9lNQTR4ETJX7ivoF G1Pw3qNQJnrSSo68S38NVG0JCOiSRW7dYQ246RiK2AiUmU7XD+R8J9cJQQ7QCkEQ6OUb 5te1mH/b/4dBfMNkce5aRWCeU4Q9xYoPRBrD06vxR90InygfP4hcQacFBSpkIpovOLaz 7vsw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k190-v6si41767285pgk.261.2018.11.20.06.51.20; Tue, 20 Nov 2018 06:51:36 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729287AbeKTWAl (ORCPT + 99 others); Tue, 20 Nov 2018 17:00:41 -0500 Received: from www.osadl.org ([62.245.132.105]:60976 "EHLO www.osadl.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729108AbeKTWAk (ORCPT ); Tue, 20 Nov 2018 17:00:40 -0500 Received: from debian01.hofrr.at (178.115.242.59.static.drei.at [178.115.242.59]) by www.osadl.org (8.13.8/8.13.8/OSADL-2007092901) with ESMTP id wAKBSGST017739; Tue, 20 Nov 2018 12:28:17 +0100 From: Nicholas Mc Guire To: Mauro Carvalho Chehab Cc: Greg Kroah-Hartman , Ioannis Valasakis , Irenge Jules Bashizi , Hans Verkuil , Michelle Darcy , Mamta Shukla , linux-media@vger.kernel.org, devel@driverdev.osuosl.org, linux-kernel@vger.kernel.org, Nicholas Mc Guire Subject: [PATCH] media: davinci_vpfe: bail out if kmalloc failed Date: Tue, 20 Nov 2018 12:25:29 +0100 Message-Id: <1542713129-14110-1-git-send-email-hofrat@osadl.org> X-Mailer: git-send-email 2.1.4 X-Spam-Status: No, score=-1.9 required=6.0 tests=BAYES_00 autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on www.osadl.org Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The kmalloc is passed indirectly to from but with an offset which if not 0 will cause the null check if (to && from && size) to succeed. An explicit !NULL check is thus added for params here. ipipe_s_config and ipipe_g_config - both fail to check kmalloc are called from ipipe_ioctl where a negative return is a valid indication of error so simply setting rval = -ENOMEM seems ok. Signed-off-by: Nicholas Mc Guire Fixes: da43b6ccadcf ("[media] davinci: vpfe: dm365: add IPIPE support for media controller driver") --- Problem located with experimental coccinelle patch Patch was compile tested with: davinci_all_defconfig + SAGING=y, STAGING_MEDIA=y, MEDIA_SUPPORT=m, MEDIA_CONTROLLER=y, VIDEO_V4L2_SUBDEV_API=y, VIDEO_DAVINCI_VPBE_DISPLAY=m, VIDEO_DM365_VPFE=m (with some coccicheck findings unrelated to the proposed change) Patch is against 4.20-rc3 (localversion-next is next-20181120) drivers/staging/media/davinci_vpfe/dm365_ipipe.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/drivers/staging/media/davinci_vpfe/dm365_ipipe.c b/drivers/staging/media/davinci_vpfe/dm365_ipipe.c index 3d910b8..0150aed 100644 --- a/drivers/staging/media/davinci_vpfe/dm365_ipipe.c +++ b/drivers/staging/media/davinci_vpfe/dm365_ipipe.c @@ -1266,6 +1266,11 @@ static int ipipe_s_config(struct v4l2_subdev *sd, struct vpfe_ipipe_config *cfg) params = kmalloc(sizeof(struct ipipe_module_params), GFP_KERNEL); + if (!params) { + rval = -ENOMEM; + goto error; + } + to = (void *)params + module_if->param_offset; size = module_if->param_size; @@ -1308,6 +1313,11 @@ static int ipipe_g_config(struct v4l2_subdev *sd, struct vpfe_ipipe_config *cfg) params = kmalloc(sizeof(struct ipipe_module_params), GFP_KERNEL); + if (!params) { + rval = -ENOMEM; + goto error; + } + from = (void *)params + module_if->param_offset; size = module_if->param_size; -- 2.1.4