1. Patchew
  2. linux
  3. View series

[PATCH] staging: wfx: check the return value of devm_kmalloc()

xkernel.wang@foxmail.com posted 1 patch 4 years, 4 months ago
There is a newer version of this series
drivers/staging/wfx/main.c | 2 ++
1 file changed, 2 insertions(+)
[PATCH] staging: wfx: check the return value of devm_kmalloc()
Posted by xkernel.wang@foxmail.com 4 years, 4 months ago 
From: Xiaoke Wang <xkernel.wang@foxmail.com>

devm_kmalloc() returns a pointer to allocated memory on success, NULL
on failure. While there is a memory allocation of devm_kmalloc()
without proper check. It is better to check the return value of it to
prevent wrong memory access.

Signed-off-by: Xiaoke Wang <xkernel.wang@foxmail.com>
---
 drivers/staging/wfx/main.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/staging/wfx/main.c b/drivers/staging/wfx/main.c
index 4b9fdf9..0ef9225 100644
--- a/drivers/staging/wfx/main.c
+++ b/drivers/staging/wfx/main.c
@@ -294,6 +294,8 @@ struct wfx_dev *wfx_init_common(struct device *dev,
 	hw->wiphy->n_iface_combinations = ARRAY_SIZE(wfx_iface_combinations);
 	hw->wiphy->iface_combinations = wfx_iface_combinations;
 	hw->wiphy->bands[NL80211_BAND_2GHZ] = devm_kmalloc(dev, sizeof(wfx_band_2ghz), GFP_KERNEL);
+	if (!hw->wiphy->bands[NL80211_BAND_2GHZ])
+		return NULL;
 	// FIXME: also copy wfx_rates and wfx_2ghz_chantable
 	memcpy(hw->wiphy->bands[NL80211_BAND_2GHZ], &wfx_band_2ghz,
 	       sizeof(wfx_band_2ghz));
--
Re: [PATCH] staging: wfx: check the return value of devm_kmalloc()
Posted by Jérôme Pouiller 4 years, 4 months ago 
On Wednesday 16 February 2022 12:29:50 CET xkernel.wang@foxmail.com wrote:
> From: Xiaoke Wang <xkernel.wang@foxmail.com>
> 
> devm_kmalloc() returns a pointer to allocated memory on success, NULL
> on failure. While there is a memory allocation of devm_kmalloc()
> without proper check. It is better to check the return value of it to
> prevent wrong memory access.
> 
> Signed-off-by: Xiaoke Wang <xkernel.wang@foxmail.com>
> ---
>  drivers/staging/wfx/main.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/staging/wfx/main.c b/drivers/staging/wfx/main.c
> index 4b9fdf9..0ef9225 100644
> --- a/drivers/staging/wfx/main.c
> +++ b/drivers/staging/wfx/main.c
> @@ -294,6 +294,8 @@ struct wfx_dev *wfx_init_common(struct device *dev,
>         hw->wiphy->n_iface_combinations = ARRAY_SIZE(wfx_iface_combinations);
>         hw->wiphy->iface_combinations = wfx_iface_combinations;
>         hw->wiphy->bands[NL80211_BAND_2GHZ] = devm_kmalloc(dev, sizeof(wfx_band_2ghz), GFP_KERNEL);
> +       if (!hw->wiphy->bands[NL80211_BAND_2GHZ])
> +               return NULL;
>         // FIXME: also copy wfx_rates and wfx_2ghz_chantable
>         memcpy(hw->wiphy->bands[NL80211_BAND_2GHZ], &wfx_band_2ghz,
>                sizeof(wfx_band_2ghz));
> --
> 

Good catch! However, I think you should call ieee80211_free_hw(hw)
before to return.

While reviewing your code, I have noticed that all the error handlers
of this function return without calling ieee80211_free_hw(hw).

-- 
Jérôme Pouiller

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.