kmalloc may fails, *out_str might be null and will cause
illegal address access later.

Signed-off-by: Kang Chen <void0red@gmail.com>
---
 drivers/media/v4l2-core/v4l2-h264.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/media/v4l2-core/v4l2-h264.c b/drivers/media/v4l2-core/v4l2-h264.c
index 72bd64f65..c7a088882 100644
--- a/drivers/media/v4l2-core/v4l2-h264.c
+++ b/drivers/media/v4l2-core/v4l2-h264.c
@@ -306,6 +306,9 @@ static const char *format_ref_list_p(const struct v4l2_h264_reflist_builder *bui
 
 	*out_str = kmalloc(tmp_str_size, GFP_KERNEL);
 
+	if (!*out_str)
+		return "NOMEM";
+
 	n += snprintf(*out_str + n, tmp_str_size - n, "|");
 
 	for (i = 0; i < builder->num_valid; i++) {
@@ -344,6 +347,9 @@ static const char *format_ref_list_b(const struct v4l2_h264_reflist_builder *bui
 
 	*out_str = kmalloc(tmp_str_size, GFP_KERNEL);
 
+	if (!*out_str)
+		return "NOMEM";
+
 	n += snprintf(*out_str + n, tmp_str_size - n, "|");
 
 	for (i = 0; i < builder->num_valid; i++) {
-- 
2.34.1

Hi Kang,

On Sun, Feb 26, 2023 at 02:50:11PM +0800, Kang Chen wrote:
> kmalloc may fails, *out_str might be null and will cause
> illegal address access later.
> 
> Signed-off-by: Kang Chen <void0red@gmail.com>

This seems to have been addressed by commit
be3ae7cf4326e95bb1d5413b63baabc26f4a1324 that's already in upstream.

-- 
Kind regards,

Sakari Ailus