[PATCH] bluetooth/virtio_bt: Fix dereference null return value

From: John Wood
Date: Sun Jul 04 2021 - 10:56:23 EST

Next message: John Wood: "[PATCH v2] mt76/mt7915: Fix unsigned compared against zero"
Previous message: Kelvin Cheung: "Re: [PATCH V4 RESEND] dmaengine: Loongson1: Add Loongson1 dmaengine driver"
Next in thread: Marcel Holtmann: "Re: [PATCH] bluetooth/virtio_bt: Fix dereference null return value"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The alloc_skb function returns NULL on error. So, test this case and
avoid a NULL dereference (skb->data).

Addresses-Coverity-ID: 1484718 ("Dereference null return value")
Fixes: afd2daa26c7ab ("Bluetooth: Add support for virtio transport driver")
Signed-off-by: John Wood <john.wood@xxxxxxx>
---
drivers/bluetooth/virtio_bt.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/drivers/bluetooth/virtio_bt.c b/drivers/bluetooth/virtio_bt.c
index c804db7e90f8..5f82574236c0 100644
--- a/drivers/bluetooth/virtio_bt.c
+++ b/drivers/bluetooth/virtio_bt.c
@@ -34,6 +34,8 @@ static int virtbt_add_inbuf(struct virtio_bluetooth *vbt)
int err;

skb = alloc_skb(1000, GFP_KERNEL);
+ if (!skb)
+ return -ENOMEM;
sg_init_one(sg, skb->data, 1000);

err = virtqueue_add_inbuf(vq, sg, 1, skb, GFP_KERNEL);
--
2.25.1

Next message: John Wood: "[PATCH v2] mt76/mt7915: Fix unsigned compared against zero"
Previous message: Kelvin Cheung: "Re: [PATCH V4 RESEND] dmaengine: Loongson1: Add Loongson1 dmaengine driver"
Next in thread: Marcel Holtmann: "Re: [PATCH] bluetooth/virtio_bt: Fix dereference null return value"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]