Re: [PATCH] iio: multiplexer: add NULL check on devm_kzalloc() return value
From: Peter Rosin
Date: Fri Jul 07 2017 - 00:07:56 EST
On 2017-07-07 00:08, Gustavo A. R. Silva wrote:
> Check return value from call to devm_kzalloc()
> in order to prevent a NULL pointer dereference.
Right, thanks for finding that one! There's another one inside the
for loop that is just starting in the context of this patch. Care
to fix checking the return value of that devm_kmemdup as well?
And someone should perhaps teach Coccinelle about devm_kmemdup...
> This issue was detected using Coccinelle and the following semantic patch:
>
> @@
> expression x;
> identifier fld;
> @@
>
> * x = devm_kzalloc(...);
> ... when != x == NULL
> x->fld
>
>
One of these blank lines should perhaps be a "Fixes:" tag?
Cheers,
peda
> Signed-off-by: Gustavo A. R. Silva <garsilva@xxxxxxxxxxxxxx>
> ---
> drivers/iio/multiplexer/iio-mux.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/iio/multiplexer/iio-mux.c b/drivers/iio/multiplexer/iio-mux.c
> index 37ba007..a8d672b 100644
> --- a/drivers/iio/multiplexer/iio-mux.c
> +++ b/drivers/iio/multiplexer/iio-mux.c
> @@ -285,6 +285,9 @@ static int mux_configure_channel(struct device *dev, struct mux *mux,
> child->ext_info_cache = devm_kzalloc(dev,
> sizeof(*child->ext_info_cache) *
> num_ext_info, GFP_KERNEL);
> + if (!child->ext_info_cache)
> + return -ENOMEM;
> +
> for (i = 0; i < num_ext_info; ++i) {
> child->ext_info_cache[i].size = -1;
>
>