Re: [PATCH][V3] usb: isp1760: check for null return from kzalloc
From: Laurent Pinchart
Date: Tue Jun 02 2015 - 20:44:33 EST
Hi Colin,
Thank you for the patch.
On Tuesday 02 June 2015 19:05:13 Colin King wrote:
> From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
>
> isp1760_ep_alloc_request allocates a structure with kzalloc without checking
> for NULL and then returns a pointer to one of the structure fields. As the
> field happens to be the first in the structure the caller can properly
> check for NULL, but this is risky if the structure layout is changed later.
> Add an explicit NULL check for the kzalloc return value
>
> Detected with smatch static analysis:
>
> drivers/usb/isp1760/isp1760-udc.c:816 isp1760_ep_alloc_request()
> error: potential null dereference 'req'. (kzalloc returns null)
>
> [ thanks to Laurent Pinchart for improved commit message ]
>
> Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
Acked-by: Laurent Pinchart <laurent.pinchart@xxxxxxxxxxxxxxxx>
Felipe, I expect you to pick this up, please let me know if there's any issue.
> ---
> drivers/usb/isp1760/isp1760-udc.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/usb/isp1760/isp1760-udc.c
> b/drivers/usb/isp1760/isp1760-udc.c index 3fc4fe7..18ebf5b 100644
> --- a/drivers/usb/isp1760/isp1760-udc.c
> +++ b/drivers/usb/isp1760/isp1760-udc.c
> @@ -812,6 +812,8 @@ static struct usb_request
> *isp1760_ep_alloc_request(struct usb_ep *ep, struct isp1760_request *req;
>
> req = kzalloc(sizeof(*req), gfp_flags);
> + if (!req)
> + return NULL;
>
> return &req->req;
> }
--
Regards,
Laurent Pinchart
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/