Re: [PATCH v2] gpio: cdev: sanitize the label before requesting the interrupt
From: Kent Gibson
Date: Fri Mar 22 2024 - 07:18:54 EST
On Fri, Mar 22, 2024 at 10:02:08AM +0100, Bartosz Golaszewski wrote:
> From: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx>
>
> @@ -2198,12 +2216,18 @@ static int lineevent_create(struct gpio_device *gdev, void __user *ip)
> if (ret)
> goto out_free_le;
>
> + label = make_irq_label(le->label);
> + if (!label) {
> + ret = -ENOMEM;
> + goto out_free_le;
> + }
> +
> /* Request a thread to read the events */
> ret = request_threaded_irq(irq,
> lineevent_irq_handler,
> lineevent_irq_thread,
> irqflags,
> - le->label,
> + label,
> le);
> if (ret)
> goto out_free_le;
Leaks label if the request_threaded_irq() fails.
Cheers,
Kent.