From: Greg KH <gregkh@linuxfoundation.org>
To: xkernel.wang@foxmail.com
Cc: Larry.Finger@lwfinger.net, phil@philpotter.co.uk,
linux-staging@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/2] staging: r8188eu: properly handle the kzalloc()
Date: Thu, 31 Mar 2022 08:03:08 +0200 [thread overview]
Message-ID: <YkVEHNubZCXmgeMx@kroah.com> (raw)
In-Reply-To: <tencent_12789CD2DEBF33C818B3542E170737854506@qq.com>
On Wed, Mar 30, 2022 at 11:16:07PM +0800, xkernel.wang@foxmail.com wrote:
> From: Xiaoke Wang <xkernel.wang@foxmail.com>
>
> kzalloc() is a memory allocation function which can return NULL when
> some internal memory errors happen. So it is better to handle the return
> of it to prevent potential wrong memory access.
> For the kzalloc() in go_add_group_info_attr(), since there is a lack
> of error handlers along the call chain it lies and the lifetime of
> `pdata_attr` is only in go_add_group_info_attr(), `pdata_attr` is roughly
> changed to a local variable on stack like the other functions in
> rtw_p2p.c, such as `u8 p2pie[MAX_P2P_IE_LEN] = { 0x00 };` in
> issue_p2p_presence_resp().
>
> Signed-off-by: Xiaoke Wang <xkernel.wang@foxmail.com>
> ---
> drivers/staging/r8188eu/core/rtw_p2p.c | 6 ++----
> drivers/staging/r8188eu/core/rtw_xmit.c | 12 +++++++++---
> drivers/staging/r8188eu/include/rtw_xmit.h | 2 +-
> 3 files changed, 12 insertions(+), 8 deletions(-)
>
> diff --git a/drivers/staging/r8188eu/core/rtw_p2p.c b/drivers/staging/r8188eu/core/rtw_p2p.c
> index e2b6cf2..f1a5df8 100644
> --- a/drivers/staging/r8188eu/core/rtw_p2p.c
> +++ b/drivers/staging/r8188eu/core/rtw_p2p.c
> @@ -27,15 +27,14 @@ static u32 go_add_group_info_attr(struct wifidirect_info *pwdinfo, u8 *pbuf)
> struct list_head *phead, *plist;
> u32 len = 0;
> u16 attr_len = 0;
> - u8 tmplen, *pdata_attr, *pstart, *pcur;
> + u8 pdata_attr[MAX_P2P_IE_LEN] = { 0x00 };
You just created a huge variable on the stack. Are you _SURE_ that is
ok?
Have you tested this change to make sure it works? If not, I can't take
it, sorry.
greg k-h
next prev parent reply other threads:[~2022-03-31 6:03 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-30 15:16 [PATCH 1/2] staging: r8188eu: properly handle the kzalloc() xkernel.wang
2022-03-30 15:29 ` [PATCH 2/2] staging: r8188eu: fix potential memory leak in _rtw_init_xmit_priv() xkernel.wang
2022-03-31 6:04 ` Greg KH
2022-03-31 7:35 ` Dan Carpenter
2022-03-31 8:21 ` Xiaoke Wang
2022-03-31 8:49 ` Dan Carpenter
[not found] ` <2022033116214474301568@foxmail.com>
2022-03-31 8:33 ` Xiaoke Wang
2022-03-31 9:20 ` Dan Carpenter
2022-03-31 6:03 ` Greg KH [this message]
2022-03-31 6:37 ` [PATCH 1/2] staging: r8188eu: properly handle the kzalloc() Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YkVEHNubZCXmgeMx@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=Larry.Finger@lwfinger.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-staging@lists.linux.dev \
--cc=phil@philpotter.co.uk \
--cc=xkernel.wang@foxmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.