* [PATCH 0/2] Fix NULL pointer dereference and use struct_size()
@ 2019-01-22 16:55 Gustavo A. R. Silva
2019-01-22 16:56 ` [PATCH 1/2] mfd: sm501: Fix potential NULL pointer dereference Gustavo A. R. Silva
` (2 more replies)
0 siblings, 3 replies; 8+ messages in thread
From: Gustavo A. R. Silva @ 2019-01-22 16:55 UTC (permalink / raw)
To: Lee Jones, Linus Walleij; +Cc: linux-kernel, Gustavo A. R. Silva
Hi,
The first patch in this series fixes a potential NULL pointer
dereference by adding a NULL check. A tag for stable has been
added for this patch.
The second patch promotes the use of struct_size() in devm_kzalloc().
Both issues were detected with the help of Coccinelle.
Gustavo A. R. Silva (2):
mfd: sm501: Fix potential NULL pointer dereference
mfd: sm501: Use struct_size() in devm_kzalloc()
drivers/mfd/sm501.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
--
2.20.1
^ permalink raw reply [flat|nested] 8+ messages in thread* [PATCH 1/2] mfd: sm501: Fix potential NULL pointer dereference 2019-01-22 16:55 [PATCH 0/2] Fix NULL pointer dereference and use struct_size() Gustavo A. R. Silva @ 2019-01-22 16:56 ` Gustavo A. R. Silva 2019-01-30 13:35 ` Lee Jones 2019-01-22 16:58 ` [PATCH 2/2] mfd: sm501: Use struct_size() in devm_kzalloc() Gustavo A. R. Silva 2019-01-26 13:20 ` [PATCH 0/2] Fix NULL pointer dereference and use struct_size() Linus Walleij 2 siblings, 1 reply; 8+ messages in thread From: Gustavo A. R. Silva @ 2019-01-22 16:56 UTC (permalink / raw) To: Linus Walleij, Lee Jones; +Cc: linux-kernel, Gustavo A. R. Silva There is a potential NULL pointer dereference in case devm_kzalloc() fails and returns NULL. Fix this by adding a NULL check on *lookup* This bug was detected with the help of Coccinelle. Fixes: b2e63555592f ("i2c: gpio: Convert to use descriptors") Cc: stable@vger.kernel.org Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> --- drivers/mfd/sm501.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/mfd/sm501.c b/drivers/mfd/sm501.c index a530972c5a7e..e0173bf4b0dc 100644 --- a/drivers/mfd/sm501.c +++ b/drivers/mfd/sm501.c @@ -1145,6 +1145,9 @@ static int sm501_register_gpio_i2c_instance(struct sm501_devdata *sm, lookup = devm_kzalloc(&pdev->dev, sizeof(*lookup) + 3 * sizeof(struct gpiod_lookup), GFP_KERNEL); + if (!lookup) + return -ENOMEM; + lookup->dev_id = "i2c-gpio"; if (iic->pin_sda < 32) lookup->table[0].chip_label = "SM501-LOW"; -- 2.20.1 ^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [PATCH 1/2] mfd: sm501: Fix potential NULL pointer dereference 2019-01-22 16:56 ` [PATCH 1/2] mfd: sm501: Fix potential NULL pointer dereference Gustavo A. R. Silva @ 2019-01-30 13:35 ` Lee Jones 2019-01-31 0:16 ` Gustavo A. R. Silva 0 siblings, 1 reply; 8+ messages in thread From: Lee Jones @ 2019-01-30 13:35 UTC (permalink / raw) To: Gustavo A. R. Silva; +Cc: Linus Walleij, linux-kernel On Tue, 22 Jan 2019, Gustavo A. R. Silva wrote: > There is a potential NULL pointer dereference in case devm_kzalloc() > fails and returns NULL. > > Fix this by adding a NULL check on *lookup* > > This bug was detected with the help of Coccinelle. > > Fixes: b2e63555592f ("i2c: gpio: Convert to use descriptors") > Cc: stable@vger.kernel.org > Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> > --- > drivers/mfd/sm501.c | 3 +++ > 1 file changed, 3 insertions(+) Applied, thanks. -- Lee Jones [李琼斯] Linaro Services Technical Lead Linaro.org │ Open source software for ARM SoCs Follow Linaro: Facebook | Twitter | Blog ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH 1/2] mfd: sm501: Fix potential NULL pointer dereference 2019-01-30 13:35 ` Lee Jones @ 2019-01-31 0:16 ` Gustavo A. R. Silva 0 siblings, 0 replies; 8+ messages in thread From: Gustavo A. R. Silva @ 2019-01-31 0:16 UTC (permalink / raw) To: Lee Jones; +Cc: Linus Walleij, linux-kernel On 1/30/19 7:35 AM, Lee Jones wrote: > On Tue, 22 Jan 2019, Gustavo A. R. Silva wrote: > >> There is a potential NULL pointer dereference in case devm_kzalloc() >> fails and returns NULL. >> >> Fix this by adding a NULL check on *lookup* >> >> This bug was detected with the help of Coccinelle. >> >> Fixes: b2e63555592f ("i2c: gpio: Convert to use descriptors") >> Cc: stable@vger.kernel.org >> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> >> --- >> drivers/mfd/sm501.c | 3 +++ >> 1 file changed, 3 insertions(+) > > Applied, thanks. > Thanks, Lee. -- Gustavo ^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH 2/2] mfd: sm501: Use struct_size() in devm_kzalloc() 2019-01-22 16:55 [PATCH 0/2] Fix NULL pointer dereference and use struct_size() Gustavo A. R. Silva 2019-01-22 16:56 ` [PATCH 1/2] mfd: sm501: Fix potential NULL pointer dereference Gustavo A. R. Silva @ 2019-01-22 16:58 ` Gustavo A. R. Silva 2019-01-30 13:35 ` Lee Jones 2019-01-26 13:20 ` [PATCH 0/2] Fix NULL pointer dereference and use struct_size() Linus Walleij 2 siblings, 1 reply; 8+ messages in thread From: Gustavo A. R. Silva @ 2019-01-22 16:58 UTC (permalink / raw) To: Lee Jones, Linus Walleij; +Cc: linux-kernel, Gustavo A. R. Silva One of the more common cases of allocation size calculations is finding the size of a structure that has a zero-sized array at the end, along with memory for some number of elements for that array. For example: struct foo { int stuff; struct boo entry[]; }; instance = devm_kzalloc(dev, sizeof(struct foo) + count * sizeof(struct boo), GFP_KERNEL); Instead of leaving these open-coded and prone to type mistakes, we can now use the new struct_size() helper: instance = devm_kzalloc(dev, struct_size(instance, entry, count), GFP_KERNEL); This code was detected with the help of Coccinelle. Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> --- drivers/mfd/sm501.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/mfd/sm501.c b/drivers/mfd/sm501.c index e0173bf4b0dc..d217debf382e 100644 --- a/drivers/mfd/sm501.c +++ b/drivers/mfd/sm501.c @@ -1142,8 +1142,7 @@ static int sm501_register_gpio_i2c_instance(struct sm501_devdata *sm, return -ENOMEM; /* Create a gpiod lookup using gpiochip-local offsets */ - lookup = devm_kzalloc(&pdev->dev, - sizeof(*lookup) + 3 * sizeof(struct gpiod_lookup), + lookup = devm_kzalloc(&pdev->dev, struct_size(lookup, table, 3), GFP_KERNEL); if (!lookup) return -ENOMEM; -- 2.20.1 ^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [PATCH 2/2] mfd: sm501: Use struct_size() in devm_kzalloc() 2019-01-22 16:58 ` [PATCH 2/2] mfd: sm501: Use struct_size() in devm_kzalloc() Gustavo A. R. Silva @ 2019-01-30 13:35 ` Lee Jones 0 siblings, 0 replies; 8+ messages in thread From: Lee Jones @ 2019-01-30 13:35 UTC (permalink / raw) To: Gustavo A. R. Silva; +Cc: Linus Walleij, linux-kernel On Tue, 22 Jan 2019, Gustavo A. R. Silva wrote: > One of the more common cases of allocation size calculations is finding > the size of a structure that has a zero-sized array at the end, along > with memory for some number of elements for that array. For example: > > struct foo { > int stuff; > struct boo entry[]; > }; > > instance = devm_kzalloc(dev, sizeof(struct foo) + count * sizeof(struct boo), GFP_KERNEL); > > Instead of leaving these open-coded and prone to type mistakes, we can > now use the new struct_size() helper: > > instance = devm_kzalloc(dev, struct_size(instance, entry, count), GFP_KERNEL); > > This code was detected with the help of Coccinelle. > > Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> > --- > drivers/mfd/sm501.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) Applied, thanks. -- Lee Jones [李琼斯] Linaro Services Technical Lead Linaro.org │ Open source software for ARM SoCs Follow Linaro: Facebook | Twitter | Blog ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH 0/2] Fix NULL pointer dereference and use struct_size() 2019-01-22 16:55 [PATCH 0/2] Fix NULL pointer dereference and use struct_size() Gustavo A. R. Silva 2019-01-22 16:56 ` [PATCH 1/2] mfd: sm501: Fix potential NULL pointer dereference Gustavo A. R. Silva 2019-01-22 16:58 ` [PATCH 2/2] mfd: sm501: Use struct_size() in devm_kzalloc() Gustavo A. R. Silva @ 2019-01-26 13:20 ` Linus Walleij 2019-01-26 13:49 ` Gustavo A. R. Silva 2 siblings, 1 reply; 8+ messages in thread From: Linus Walleij @ 2019-01-26 13:20 UTC (permalink / raw) To: Gustavo A. R. Silva; +Cc: Lee Jones, linux-kernel@vger.kernel.org On Tue, Jan 22, 2019 at 5:55 PM Gustavo A. R. Silva <gustavo@embeddedor.com> wrote: > The first patch in this series fixes a potential NULL pointer > dereference by adding a NULL check. A tag for stable has been > added for this patch. > > The second patch promotes the use of struct_size() in devm_kzalloc(). Both patches: Reviewed-by: Linus Walleij <linus.walleij@linaro.org> Yours, Linus Walleij ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH 0/2] Fix NULL pointer dereference and use struct_size() 2019-01-26 13:20 ` [PATCH 0/2] Fix NULL pointer dereference and use struct_size() Linus Walleij @ 2019-01-26 13:49 ` Gustavo A. R. Silva 0 siblings, 0 replies; 8+ messages in thread From: Gustavo A. R. Silva @ 2019-01-26 13:49 UTC (permalink / raw) To: Linus Walleij; +Cc: Lee Jones, linux-kernel@vger.kernel.org On 1/26/19 7:20 AM, Linus Walleij wrote: > On Tue, Jan 22, 2019 at 5:55 PM Gustavo A. R. Silva > <gustavo@embeddedor.com> wrote: > >> The first patch in this series fixes a potential NULL pointer >> dereference by adding a NULL check. A tag for stable has been >> added for this patch. >> >> The second patch promotes the use of struct_size() in devm_kzalloc(). > > Both patches: > Reviewed-by: Linus Walleij <linus.walleij@linaro.org> > Thanks, Linus. -- Gustavo ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2019-01-31 0:16 UTC | newest] Thread overview: 8+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2019-01-22 16:55 [PATCH 0/2] Fix NULL pointer dereference and use struct_size() Gustavo A. R. Silva 2019-01-22 16:56 ` [PATCH 1/2] mfd: sm501: Fix potential NULL pointer dereference Gustavo A. R. Silva 2019-01-30 13:35 ` Lee Jones 2019-01-31 0:16 ` Gustavo A. R. Silva 2019-01-22 16:58 ` [PATCH 2/2] mfd: sm501: Use struct_size() in devm_kzalloc() Gustavo A. R. Silva 2019-01-30 13:35 ` Lee Jones 2019-01-26 13:20 ` [PATCH 0/2] Fix NULL pointer dereference and use struct_size() Linus Walleij 2019-01-26 13:49 ` Gustavo A. R. Silva
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.