Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262002AbVCEPko (ORCPT ); Sat, 5 Mar 2005 10:40:44 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262008AbVCEPkF (ORCPT ); Sat, 5 Mar 2005 10:40:05 -0500 Received: from nibbel.kulnet.kuleuven.ac.be ([134.58.240.41]:9683 "EHLO nibbel.kulnet.kuleuven.ac.be") by vger.kernel.org with ESMTP id S262111AbVCEPin (ORCPT ); Sat, 5 Mar 2005 10:38:43 -0500 From: "Panagiotis Issaris" Date: Sat, 5 Mar 2005 16:38:42 +0100 To: Matt_Domsch@dell.com Cc: linux-kernel@vger.kernel.org Subject: [PATCH] EFI missing failure handling Message-ID: <20050305153841.GA7808@mech.kuleuven.ac.be> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.6+20040907i Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1154 Lines: 34 Hi, The EFI driver allocates memory and writes into it without checking the success of the allocation: 668 efi_char16_t *variable_name = kmalloc(1024, GFP_KERNEL); ... 696 memset(variable_name, 0, 1024); The patch applies to 2.6.11-bk1. Signed-off-by: Panagiotis Issaris diff -pruN linux-2.6.11-orig/drivers/firmware/efivars.c linux-2.6.11-pi/drivers/firmware/efivars.c --- linux-2.6.11-orig/drivers/firmware/efivars.c 2005-03-05 02:23:29.000000000 +0100 +++ linux-2.6.11-pi/drivers/firmware/efivars.c 2005-03-05 02:23:04.000000000 +0100 @@ -670,6 +670,9 @@ efivars_init(void) unsigned long variable_name_size = 1024; int i, rc = 0, error = 0; + if (!variable_name) + return -ENOMEM; + if (!efi_enabled) return -ENODEV; -- K.U.Leuven, Mechanical Eng., Mechatronics & Robotics Research Group http://people.mech.kuleuven.ac.be/~pissaris/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/