From: Ajay Singh <ajay.kathat@microchip.com>
To: Colin King <colin.king@canonical.com>
Cc: Joe Perches <joe@perches.com>,
Aditya Shankar <aditya.shankar@microchip.com>,
Ganesh Krishna <ganesh.krishna@microchip.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
linux-wireless@vger.kernel.org, devel@driverdev.osuosl.org,
kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] staging: wilc1000: check for kmalloc allocation failures
Date: Mon, 26 Mar 2018 15:47:48 +0000 [thread overview]
Message-ID: <20180326210548.791f070a@ajaysk-VirtualBox> (raw)
In-Reply-To: <1521662598.7999.33.camel@perches.com>
Thanks for submitting the patch.
On Wed, 21 Mar 2018 13:03:18 -0700
Joe Perches <joe@perches.com> wrote:
> On Wed, 2018-03-21 at 19:19 +0000, Colin King wrote:
> > From: Colin Ian King <colin.king@canonical.com>
> >
> > There are three kmalloc allocations that are not null checked which
> > potentially could lead to null pointer dereference issues. Fix this
> > by adding null pointer return checks.
>
> looks like all of these should be kmemdup or kstrdup
>
> >
> > @@ -951,6 +955,10 @@ static s32 handle_connect(struct wilc_vif *vif,
> > if (conn_attr->ssid) {
> > hif_drv->usr_conn_req.ssid = kmalloc(conn_attr->ssid_len + 1,
> > GFP_KERNEL);
> > + if (!hif_drv->usr_conn_req.ssid) {
> > + result = -ENOMEM;
> > + goto error;
> > + }
> > memcpy(hif_drv->usr_conn_req.ssid,
> > conn_attr->ssid,
> > conn_attr->ssid_len);
With this changes the Coverity reported warning is handled correctly.
For further improvement to the patch, as Joe Perches suggested, its better
to make use of kmemdup instead of kmalloc & memcpy. As kstrdup requires the
source string to be NULL terminated('\0') and conn_attr->ssid might not
contains the '\0' terminated string. So kmemdup with length of
'conn_attr->ssid_len' can be used instead.
Please include the changes by using kmemdup() for all kmalloc/memcpy in
this patch.
Regards,
Ajay
next prev parent reply other threads:[~2018-03-26 15:47 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-21 19:19 [PATCH] staging: wilc1000: check for kmalloc allocation failures Colin King
2018-03-21 20:03 ` Joe Perches
2018-03-26 15:47 ` Ajay Singh [this message]
2018-03-26 16:15 ` Colin Ian King
2018-03-22 6:47 ` Walter Harms
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180326210548.791f070a@ajaysk-VirtualBox \
--to=ajay.kathat@microchip.com \
--cc=aditya.shankar@microchip.com \
--cc=colin.king@canonical.com \
--cc=devel@driverdev.osuosl.org \
--cc=ganesh.krishna@microchip.com \
--cc=gregkh@linuxfoundation.org \
--cc=joe@perches.com \
--cc=kernel-janitors@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox