From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Daniel Dressler <danieru.dressler@gmail.com>
Cc: Matthew Casey <mdcasey@chabloom.com>,
Ben Hutchings <ben@decadent.org.uk>,
"open list:STAGING SUBSYSTEM" <devel@driverdev.osuosl.org>,
open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] Staging: rtl8192e: Fix segfault upon alloc failure
Date: Wed, 5 Nov 2014 14:56:41 -0800 [thread overview]
Message-ID: <20141105225641.GA26985@kroah.com> (raw)
In-Reply-To: <1415203879-17261-1-git-send-email-danieru.dressler@gmail.com>
On Thu, Nov 06, 2014 at 01:11:17AM +0900, Daniel Dressler wrote:
> Kernel space allocations can fail. This patch
> fixes a crash condition upon allocation failure.
>
> Should this condition occur init_firmware() will
> goto its error handler and declare download failure.
>
> Of interesting note is that prior to this patch
> fw_download_code() could never fail yet our caller
> checked the return value.
>
> Reported-by: RUC_Soft_Sec <rucsoftsec@gmail.com>
> Signed-off-by: Daniel Dressler <danieru.dressler@gmail.com>
> ---
> drivers/staging/rtl8192e/rtl8192e/r8192E_firmware.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/staging/rtl8192e/rtl8192e/r8192E_firmware.c b/drivers/staging/rtl8192e/rtl8192e/r8192E_firmware.c
> index 2e28744..e4257fe 100644
> --- a/drivers/staging/rtl8192e/rtl8192e/r8192E_firmware.c
> +++ b/drivers/staging/rtl8192e/rtl8192e/r8192E_firmware.c
> @@ -61,6 +61,9 @@ static bool fw_download_code(struct net_device *dev, u8 *code_virtual_address,
> }
>
> skb = dev_alloc_skb(frag_length + 4);
> + if (!skb)
> + return false;
Lots of people try to fix this "warning" in this manner. But you have
to do more work here than just a simple "return false;", you need to
unwind all of the work you have done up to this point, which is a
non-trivial task...
I'd recommend looking at how other drivers of this manufacturer handle
this type of operation to get a better idea of how to rewrite this
function.
good luck,
greg k-h
prev parent reply other threads:[~2014-11-05 22:56 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-05 16:11 [PATCH] Staging: rtl8192e: Fix segfault upon alloc failure Daniel Dressler
2014-11-05 22:56 ` Greg Kroah-Hartman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141105225641.GA26985@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=ben@decadent.org.uk \
--cc=danieru.dressler@gmail.com \
--cc=devel@driverdev.osuosl.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mdcasey@chabloom.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.