[PATCH 4/4] mtd: Check for allocation failures and bail out appropriately in init_msp_flash()

public inbox for linux-mtd@lists.infradead.org
 help / color / mirror / Atom feed

From: Jesper Juhl <jesper.juhl@gmail.com>
To: David Woodhouse <dwmw2@infradead.org>
Cc: Denys Vlasenko <vda.linux@googlemail.com>,
	Jesper Juhl <jesper.juhl@gmail.com>,
	Marc St-Jean <stjeanma@pmc-sierra.com>,
	linux-mtd@lists.infradead.org,
	"Robert P. J. Day" <rpjday@mindspring.com>
Subject: [PATCH 4/4] mtd: Check for allocation failures and bail out appropriately in init_msp_flash()
Date: Sun, 26 Aug 2007 03:57:19 +0200	[thread overview]
Message-ID: <200708260357.20106.jesper.juhl@gmail.com> (raw)
In-Reply-To: <200708260356.17664.jesper.juhl@gmail.com>


    mtd: Check for allocation failures and bail out appropriately in init_msp_flash()
    
    Just trusting that a memory allocation succeeds is a bad habbit that
    can lead to null pointer dereferences fairly fast.
    In drivers/mtd/maps/pmcmsp-flash.c::init_msp_flash() there are a few
    allocations where I don't see anything guaranteeing that they will
    never fail, yet they are not checked for success...
    This patch adds checks for these allocations and also cleans up
    previous allocations properly in case one fails.
    
    Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
---
 drivers/mtd/maps/pmcmsp-flash.c |   19 +++++++++++++++++--
 1 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/drivers/mtd/maps/pmcmsp-flash.c b/drivers/mtd/maps/pmcmsp-flash.c
index b6d382a..5472547 100644
--- a/drivers/mtd/maps/pmcmsp-flash.c
+++ b/drivers/mtd/maps/pmcmsp-flash.c
@@ -57,6 +57,7 @@ int __init init_msp_flash(void)
 	char flash_name[] = "flash0";
 	char part_name[] = "flash0_0";
 	unsigned addr, size;
+	int err = 0;
 
 	/* If ELB is disabled by "ful-mux" mode, we can't get at flash */
 	if ((*DEV_ID_REG & DEV_ID_SINGLE_PC) &&
@@ -74,8 +75,14 @@ int __init init_msp_flash(void)
 
 	printk(KERN_NOTICE "Found %d PMC flash devices\n", fcnt);
 	msp_flash = kmalloc(fcnt * sizeof(struct map_info *), GFP_KERNEL);
+	if (msp_flash == NULL)
+		goto out_mem;
 	msp_parts = kmalloc(fcnt * sizeof(struct mtd_partition *), GFP_KERNEL);
+	if (msp_parts == NULL)
+		goto out_mem_flash;
 	msp_maps = kcalloc(fcnt, sizeof(struct mtd_info), GFP_KERNEL);
+	if (msp_maps == NULL)
+		goto out_mem_parts;
 
 	/* loop over the flash devices, initializing each */
 	for (i = 0; i < fcnt; i++) {
@@ -122,7 +129,7 @@ int __init init_msp_flash(void)
 
 		msp_maps[i].name = kmalloc(7, GFP_KERNEL);
 		if (msp_maps[i].name == NULL)
-			return -ENOMEM;
+			goto out_mem;
 		strncpy(msp_maps[i].name, flash_name, 7);
 
 		msp_maps[i].bankwidth = 1;
@@ -153,7 +160,15 @@ int __init init_msp_flash(void)
 		}
 	}
 
-	return 0;
+out:
+	return err;
+out_mem_parts:
+	kfree(parts);
+out_mem_flash:
+	kfree(flash);
+out_mem:
+	err = -ENOMEM;
+	goto out;
 }
 
 static void __exit cleanup_msp_flash(void)

next prev parent reply	other threads:[~2007-08-26  2:06 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-08-26  1:52 [PATCH 0/4] mtd: cleanups and small bug fixes for init_msp_flash() Jesper Juhl
2007-08-26  1:54 ` [PATCH 1/4] mtd: Don't cast kmalloc() return value in drivers/mtd/maps/pmcmsp-flash.c Jesper Juhl
2007-08-26  1:55   ` [PATCH 2/4] mtd: convert some kmalloc()+memset() calls to kcalloc() " Jesper Juhl
2007-08-26  1:56     ` [PATCH 3/4] mtd: Fix a potential NULL ptr deref bug and mem leak in init_msp_flash() Jesper Juhl
2007-08-26  1:57       ` Jesper Juhl [this message]
2007-08-26  8:36   ` [PATCH 1/4] mtd: Don't cast kmalloc() return value in drivers/mtd/maps/pmcmsp-flash.c Robert P. J. Day
2007-08-26 13:19     ` Jesper Juhl
2007-08-26 15:41       ` Robert P. J. Day

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:b6d382a dfblob:5472547 )
 OR (
bs:"[PATCH 4/4] mtd: Check for allocation failures and bail out appropriately in init_msp_flash()" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200708260357.20106.jesper.juhl@gmail.com \
    --to=jesper.juhl@gmail.com \
    --cc=dwmw2@infradead.org \
    --cc=linux-mtd@lists.infradead.org \
    --cc=rpjday@mindspring.com \
    --cc=stjeanma@pmc-sierra.com \
    --cc=vda.linux@googlemail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox