Re: [PATCH 1/2] livepatch: handle kzalloc failure
From: Nicholas Mc Guire
Date: Thu Dec 13 2018 - 09:01:05 EST
On Thu, Dec 13, 2018 at 01:31:39PM +0100, Petr Mladek wrote:
> On Thu 2018-12-13 12:09:49, Nicholas Mc Guire wrote:
> > kzalloc() return should always be checked - notably in example code
> > where this may be seen as reference. On failure of allocation
> > livepatch_fix1_dummy_alloc() should return NULL.
> >
> > Signed-off-by: Nicholas Mc Guire <hofrat@xxxxxxxxx>
> > ---
> >
> > Problem was located with an experimental coccinelle script
> >
> > Patch was compile tested with: x86_64_defconfig + FTRACE=y
> > FUNCTION_TRACER=y, EXPERT=y, LATENCYTOP=y, SAMPLES=y, SAMPLE_LIVEPATCH=y
> > (with some unrelated sparse warnings on symbols not being static)
> >
> > Patch is against 4.20-rc6 (localversion-next is next-20181213)
> >
> > samples/livepatch/livepatch-shadow-fix1.c | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/samples/livepatch/livepatch-shadow-fix1.c b/samples/livepatch/livepatch-shadow-fix1.c
> > index 49b1355..a0e8f04 100644
> > --- a/samples/livepatch/livepatch-shadow-fix1.c
> > +++ b/samples/livepatch/livepatch-shadow-fix1.c
> > @@ -89,6 +89,9 @@ struct dummy *livepatch_fix1_dummy_alloc(void)
> > * pointer to handle resource release.
> > */
> > leak = kzalloc(sizeof(int), GFP_KERNEL);
> > + if (!leak)
> > + return NULL;
>
> It should be:
>
> if (!leak) {
> kfree(d);
> return NULL;
> }
>
> Note that The check is not strictly needed in this artificial
> example because we never read/write any data there. But I agree
> that we should add the check to promote the the right programming
> patterns.
>
thanks for catching this !
will send a V2.
thx!
hofrat