2017-07-09 11:09:58

by Johan Hovold

Subject: [PATCH] NFC: fix device-allocation error return

A recent change fixing NFC device allocation itself introduced an
error-handling bug by returning an error pointer in case device-id
allocation failed. This is clearly broken as the callers still expected
NULL to be returned on errors as detected by Dan's static checker.

Fix this up by returning NULL in the event that we've run out of memory
when allocating a new device id.

Note that the offending commit is marked for stable (3.8) so this fix
needs to be backported along with it.

Fixes: 20777bc57c34 ("NFC: fix broken device allocation")
Cc: stable <[email protected]> # 3.8
Reported-by: Dan Carpenter <[email protected]>
Signed-off-by: Johan Hovold <[email protected]>
---
net/nfc/core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/nfc/core.c b/net/nfc/core.c
index 5cf33df888c3..c699d64a0753 100644
--- a/net/nfc/core.c
+++ b/net/nfc/core.c
@@ -1106,7 +1106,7 @@ struct nfc_dev *nfc_allocate_device(struct nfc_ops *ops,
err_free_dev:
kfree(dev);

- return ERR_PTR(rc);
+ return NULL;
}
EXPORT_SYMBOL(nfc_allocate_device);
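
Review bot: at err_free_dev, once `return ERR_PTR(rc)` becomes `return NULL`, the value held in rc is no longer consumed on this path; if no other exit of nfc_allocate_device() reads it, the assignment is now a dead store and the variable could be dropped. Because the bug came from a return-convention mismatch, a short comment above the function stating that it returns NULL on any failure, never an error pointer, would make the contract visible to whoever next touches this error path.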

--
2.13.2
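
The mismatch described in the commit message, modelled in userspace C as an added example (not code from the patch or the kernel tree): the ERR_PTR/IS_ERR helpers are re-implemented after the kernel's, and `demo_dev`, `demo_allocate` and `caller_detects_failure` are hypothetical names. It shows that a caller written for NULL-on-failure does not notice an error pointer.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace model of the kernel's error-pointer helpers. */
#define MAX_ERRNO 4095
static inline void *ERR_PTR(long error) { return (void *)error; }
static inline long PTR_ERR(const void *ptr) { return (long)ptr; }
static inline int IS_ERR(const void *ptr)
{
    /* Error pointers occupy the top MAX_ERRNO values of the address space. */
    return (uintptr_t)ptr >= (uintptr_t)-MAX_ERRNO;
}

struct demo_dev { int idx; };   /* hypothetical stand-in for struct nfc_dev */

enum ret_style { RET_ERR_PTR, RET_NULL };

/* Hypothetical allocator whose id allocation always fails (simulated OOM). */
static struct demo_dev *demo_allocate(enum ret_style style)
{
    int rc = -ENOMEM;           /* simulated id-allocation failure */

    /* RET_ERR_PTR models the behaviour before the fix, RET_NULL after it. */
    return style == RET_ERR_PTR ? ERR_PTR(rc) : NULL;
}

/*
 * Caller written for the NULL-on-failure contract.
 * Returns 1 if the failure was caught, 0 if a bogus pointer slipped through.
 */
static int caller_detects_failure(enum ret_style style)
{
    struct demo_dev *dev = demo_allocate(style);

    if (!dev)
        return 1;
    /* A real caller would go on to dereference dev here. */
    return 0;
}

int main(void)
{
    printf("ERR_PTR caught by NULL check: %d\n", caller_detects_failure(RET_ERR_PTR));
    printf("NULL caught by NULL check:    %d\n", caller_detects_failure(RET_NULL));
    printf("IS_ERR(ERR_PTR(-ENOMEM)):     %d\n", IS_ERR(ERR_PTR(-ENOMEM)));
    return 0;
}
```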


2017-07-22 13:32:35

by Johan Hovold

Subject: Re: [PATCH] NFC: fix device-allocation error return

On Sun, Jul 09, 2017 at 01:08:58PM +0200, Johan Hovold wrote:
> A recent change fixing NFC device allocation itself introduced an
> error-handling bug by returning an error pointer in case device-id
> allocation failed. This is clearly broken as the callers still expected
> NULL to be returned on errors as detected by Dan's static checker.
>
> Fix this up by returning NULL in the event that we've run out of memory
> when allocating a new device id.
>
> Note that the offending commit is marked for stable (3.8) so this fix
> needs to be backported along with it.
>
> Fixes: 20777bc57c34 ("NFC: fix broken device allocation")
> Cc: stable <[email protected]> # 3.8
> Reported-by: Dan Carpenter <[email protected]>
> Signed-off-by: Johan Hovold <[email protected]>

Samuel or David,

Could you apply this follow-up fix so that it can be backported along
with the offending commit (which was just added to the stable queues)?

We would only hit this error path if an ida allocation fails due to OOM;
so while this is not critical, it would still be nice to get it fixed.

Thanks,
Johan

2017-08-28 08:39:11

by Johan Hovold

Subject: Re: [PATCH] NFC: fix device-allocation error return

Samuel or David,

On Sat, Jul 22, 2017 at 03:32:28PM +0200, Johan Hovold wrote:
> On Sun, Jul 09, 2017 at 01:08:58PM +0200, Johan Hovold wrote:
> > A recent change fixing NFC device allocation itself introduced an
> > error-handling bug by returning an error pointer in case device-id
> > allocation failed. This is clearly broken as the callers still expected
> > NULL to be returned on errors as detected by Dan's static checker.
> >
> > Fix this up by returning NULL in the event that we've run out of memory
> > when allocating a new device id.
> >
> > Note that the offending commit is marked for stable (3.8) so this fix
> > needs to be backported along with it.
> >
> > Fixes: 20777bc57c34 ("NFC: fix broken device allocation")
> > Cc: stable <[email protected]> # 3.8
> > Reported-by: Dan Carpenter <[email protected]>
> > Signed-off-by: Johan Hovold <[email protected]>

> Could you apply this follow-up fix so that it can be backported along
> with the offending commit (which was just added to the stable queues)?
>
> We would only hit this error path if an ida allocation fails due to OOM;
> so while this is not critical, it would still be nice to get it fixed.

Another reminder about this one; can you apply it so we can get it into
4.14-rc1?

Note that the offending commit has now been backported to the stable
trees and we really want this trivial follow-up fix to be backported as
well.

Let me know if you want me to resend the patch.

Thanks,
Johan

2017-11-05 23:54:18

by Samuel Ortiz

Subject: Re: [PATCH] NFC: fix device-allocation error return

Hi Johan,

On Sun, Jul 09, 2017 at 01:08:58PM +0200, Johan Hovold wrote:
> A recent change fixing NFC device allocation itself introduced an
> error-handling bug by returning an error pointer in case device-id
> allocation failed. This is clearly broken as the callers still expected
> NULL to be returned on errors as detected by Dan's static checker.
>
> Fix this up by returning NULL in the event that we've run out of memory
> when allocating a new device id.
>
> Note that the offending commit is marked for stable (3.8) so this fix
> needs to be backported along with it.
>
> Fixes: 20777bc57c34 ("NFC: fix broken device allocation")
> Cc: stable <[email protected]> # 3.8
> Reported-by: Dan Carpenter <[email protected]>
> Signed-off-by: Johan Hovold <[email protected]>
> ---
> net/nfc/core.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)

Applied, thanks for the fix.

Cheers,
Samuel.