drivers/extcon/extcon-rtk-type-c.c | 6 ++++++ 1 file changed, 6 insertions(+)
A 'devm_kzalloc' in 'extcon_rtk_type_c_probe' could possibly return null pointer.
Add a null check for the returned pointer.
Fixes: 8a590d7371f0 ("extcon: add Realtek DHC RTD SoC Type-C driver")
Signed-off-by: Zichen Xie <zichenxie0106@gmail.com>
Reported-by: Zichen Xie <zichenxie0106@gmail.com>
Reported-by: Zijie Zhao <zzjas98@gmail.com>
Reported-by: Chenyuan Yang <chenyuan0y@gmail.com>
---
drivers/extcon/extcon-rtk-type-c.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/extcon/extcon-rtk-type-c.c b/drivers/extcon/extcon-rtk-type-c.c
index a592bab77538..9a0824fc7cbe 100644
--- a/drivers/extcon/extcon-rtk-type-c.c
+++ b/drivers/extcon/extcon-rtk-type-c.c
@@ -1371,6 +1371,12 @@ static int extcon_rtk_type_c_probe(struct platform_device *pdev)
type_c->type_c_cfg = devm_kzalloc(dev, sizeof(*type_c_cfg), GFP_KERNEL);
+ if (!type_c->type_c_cfg) {
+ dev_err(dev, "Failed to allocate memory for type_c_cfg!\n");
+ ret = -ENOMEM;
+ goto err;
+ }
+
memcpy(type_c->type_c_cfg, type_c_cfg, sizeof(*type_c_cfg));
if (setup_type_c_parameter(type_c)) {
--
2.25.1On 30/09/2024 00:38, Gax-c wrote:
> A 'devm_kzalloc' in 'extcon_rtk_type_c_probe' could possibly return null pointer.
> Add a null check for the returned pointer.
>
> Fixes: 8a590d7371f0 ("extcon: add Realtek DHC RTD SoC Type-C driver")
> Signed-off-by: Zichen Xie <zichenxie0106@gmail.com>
> Reported-by: Zichen Xie <zichenxie0106@gmail.com>
> Reported-by: Zijie Zhao <zzjas98@gmail.com>
> Reported-by: Chenyuan Yang <chenyuan0y@gmail.com>
All previous comments apply.
> ---
> drivers/extcon/extcon-rtk-type-c.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/drivers/extcon/extcon-rtk-type-c.c b/drivers/extcon/extcon-rtk-type-c.c
> index a592bab77538..9a0824fc7cbe 100644
> --- a/drivers/extcon/extcon-rtk-type-c.c
> +++ b/drivers/extcon/extcon-rtk-type-c.c
> @@ -1371,6 +1371,12 @@ static int extcon_rtk_type_c_probe(struct platform_device *pdev)
>
> type_c->type_c_cfg = devm_kzalloc(dev, sizeof(*type_c_cfg), GFP_KERNEL);
>
Same as in other patches - drop blank line.
> + if (!type_c->type_c_cfg) {
> + dev_err(dev, "Failed to allocate memory for type_c_cfg!\n");
No, drop.
> + ret = -ENOMEM;
> + goto err;
Best regards,
Krzysztof
> A 'devm_kzalloc' in 'extcon_rtk_type_c_probe' could possibly return null pointer.
> Add a null check for the returned pointer.
How do you think about a wording variant like the following?
A devm_kzalloc() call can fail in this function implementation.
Thus add a null pointer check and corresponding exception handling
for the data structure member “type_c_cfg”.
…
> Signed-off-by: Zichen Xie <zichenxie0106@gmail.com>
> Reported-by: Zichen Xie <zichenxie0106@gmail.com>
…
How good does such a tag combination fit together for the same person?
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?h=v6.11#n525
Can a subject like “[PATCH] extcon: realtek: Prevent null pointer dereference in extcon_rtk_type_c_probe()”
be more appropriate?
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?h=v6.11#n613
…
> +++ b/drivers/extcon/extcon-rtk-type-c.c
> @@ -1371,6 +1371,12 @@ static int extcon_rtk_type_c_probe(struct platform_device *pdev)
>
> type_c->type_c_cfg = devm_kzalloc(dev, sizeof(*type_c_cfg), GFP_KERNEL);
>
> + if (!type_c->type_c_cfg) {
> + dev_err(dev, "Failed to allocate memory for type_c_cfg!\n");
> + ret = -ENOMEM;
> + goto err;
> + }
> +
> memcpy(type_c->type_c_cfg, type_c_cfg, sizeof(*type_c_cfg));
…
I suggest to omit an extra error message here.
By the way:
Would you become interested to add a jump target for the statement “ret = -EINVAL;”
(in two other if branches)?
Regards,
Markus
© 2016 - 2024 Red Hat, Inc.