[PATCH] mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap.

From: Liviu Dudau
Date: Fri Dec 28 2018 - 12:15:45 EST

Next message: vsnsdualce: "Re: A lawyer?!"
Previous message: Jacek Anaszewski: "Re: leds/lm3642: simplify error handling, remove user-triggerable errors"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

find_vmap_area() can return a NULL pointer and we're going to dereference
it without checking it first. Use the existing find_vm_area() function
which does exactly what we want and checks for the NULL pointer.

Fixes: f3c01d2f3ade ("mm: vmalloc: avoid racy handling of debugobjects
in vunmap")

Signed-off-by: Liviu Dudau <liviu@xxxxxxxxxxx>
---
mm/vmalloc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mm/vmalloc.c b/mm/vmalloc.c
index 871e41c55e239..806047d7fda3c 100644
--- a/mm/vmalloc.c
+++ b/mm/vmalloc.c
@@ -1505,7 +1505,7 @@ static void __vunmap(const void *addr, int deallocate_pages)
addr))
return;

- area = find_vmap_area((unsigned long)addr)->vm;
+ area = find_vm_area(addr);
if (unlikely(!area)) {
WARN(1, KERN_ERR "Trying to vfree() nonexistent vm area (%p)\n",
addr);
--
2.20.1

Next message: vsnsdualce: "Re: A lawyer?!"
Previous message: Jacek Anaszewski: "Re: leds/lm3642: simplify error handling, remove user-triggerable errors"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]