[PATCH] s390/raw3270: handle memory allocation failure in 'raw3270_setup

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] s390/raw3270: handle memory allocation failure in 'raw3270_setup_console()'
@ 2024-06-23 12:24 yskelg
  2024-06-23 15:37 ` [PATCH] s390/raw3270: Handle memory allocation failures in raw3270_setup_console() Markus Elfring
  2024-06-23 17:21 ` [PATCH] s390/raw3270: handle memory allocation failure in 'raw3270_setup_console()' Heiko Carstens
  0 siblings, 2 replies; 3+ messages in thread
From: yskelg @ 2024-06-23 12:24 UTC (permalink / raw)
  To: Harald Freudenberger, Heiko Carstens, Vasily Gorbik,
	Alexander Gordeev, Christian Borntraeger, Sven Schnelle
  Cc: shjy180909, linux-s390, linux-kernel, Yunseong Kim

From: Yunseong Kim <yskelg@gmail.com>

This patch handle potential null pointer dereference in
'raw3270_setup_device()', When 'raw3270_setup_console()' fails to
allocate memory for 'rp' or 'ascebc'.

Signed-off-by: Yunseong Kim <yskelg@gmail.com>
---
 drivers/s390/char/raw3270.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/s390/char/raw3270.c b/drivers/s390/char/raw3270.c
index c57694be9bd3..4e81040eea81 100644
--- a/drivers/s390/char/raw3270.c
+++ b/drivers/s390/char/raw3270.c
@@ -812,7 +812,13 @@ struct raw3270 __init *raw3270_setup_console(void)
 		return ERR_CAST(cdev);
 
 	rp = kzalloc(sizeof(*rp), GFP_KERNEL | GFP_DMA);
+	if (!rp)
+		return ERR_PTR(-ENOMEM);
 	ascebc = kzalloc(256, GFP_KERNEL);
+	if (!ascebc) {
+		kfree(rp);
+		return ERR_PTR(-ENOMEM);
+	}
 	rc = raw3270_setup_device(cdev, rp, ascebc);
 	if (rc)
 		return ERR_PTR(rc);
-- 
2.45.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] s390/raw3270: Handle memory allocation failures in raw3270_setup_console()
  2024-06-23 12:24 [PATCH] s390/raw3270: handle memory allocation failure in 'raw3270_setup_console()' yskelg
@ 2024-06-23 15:37 ` Markus Elfring
  2024-06-23 17:21 ` [PATCH] s390/raw3270: handle memory allocation failure in 'raw3270_setup_console()' Heiko Carstens
  1 sibling, 0 replies; 3+ messages in thread
From: Markus Elfring @ 2024-06-23 15:37 UTC (permalink / raw)
  To: Yunseong Kim, linux-s390, Alexander Gordeev,
	Christian Bornträger, Harald Freudenberger, Heiko Carstens,
	Sven Schnelle, Vasily Gorbik
  Cc: LKML, MichelleJin

> This patch handle potential null pointer dereference in
> 'raw3270_setup_device()', When 'raw3270_setup_console()' fails to
> allocate memory for 'rp' or 'ascebc'.

1. Can a wording approach (like the following) be a better change description?

   A null pointer is stored in a local variable after a call of
   the function “kzalloc” failed. This pointer was passed to
   a subsequent call of the function “raw3270_setup_device”
   where an undesirable dereference will be performed then.
   Thus add corresponding return value checks.

2. Would you like to add any tags (like “Fixes”) accordingly?

3. The allocated two memory areas are immediately overwritten by the called function.
   Can zero-initialisation be omitted by calling the function “kmalloc” instead?

4. Under which circumstances will development interests grow for increasing
   the application of scope-based resource management?
   https://elixir.bootlin.com/linux/v6.10-rc4/source/include/linux/cleanup.h#L8

Regards,
Markus

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] s390/raw3270: handle memory allocation failure in 'raw3270_setup_console()'
  2024-06-23 12:24 [PATCH] s390/raw3270: handle memory allocation failure in 'raw3270_setup_console()' yskelg
  2024-06-23 15:37 ` [PATCH] s390/raw3270: Handle memory allocation failures in raw3270_setup_console() Markus Elfring
@ 2024-06-23 17:21 ` Heiko Carstens
  1 sibling, 0 replies; 3+ messages in thread
From: Heiko Carstens @ 2024-06-23 17:21 UTC (permalink / raw)
  To: yskelg
  Cc: Harald Freudenberger, Vasily Gorbik, Alexander Gordeev,
	Christian Borntraeger, Sven Schnelle, shjy180909, linux-s390,
	linux-kernel

On Sun, Jun 23, 2024 at 09:24:49PM +0900, yskelg@gmail.com wrote:
> From: Yunseong Kim <yskelg@gmail.com>
> 
> This patch handle potential null pointer dereference in
> 'raw3270_setup_device()', When 'raw3270_setup_console()' fails to
> allocate memory for 'rp' or 'ascebc'.
> 
> Signed-off-by: Yunseong Kim <yskelg@gmail.com>
> ---
>  drivers/s390/char/raw3270.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/drivers/s390/char/raw3270.c b/drivers/s390/char/raw3270.c
> index c57694be9bd3..4e81040eea81 100644
> --- a/drivers/s390/char/raw3270.c
> +++ b/drivers/s390/char/raw3270.c
> @@ -812,7 +812,13 @@ struct raw3270 __init *raw3270_setup_console(void)
>  		return ERR_CAST(cdev);
>  
>  	rp = kzalloc(sizeof(*rp), GFP_KERNEL | GFP_DMA);
> +	if (!rp)
> +		return ERR_PTR(-ENOMEM);
>  	ascebc = kzalloc(256, GFP_KERNEL);
> +	if (!ascebc) {
> +		kfree(rp);
> +		return ERR_PTR(-ENOMEM);
> +	}
>  	rc = raw3270_setup_device(cdev, rp, ascebc);
>  	if (rc)
>  		return ERR_PTR(rc);

This is kind of pointless since such allocations won't fail.. but
anyway: please make allocation and error handling like it is already
done in raw3270_create_device(); this will also prevent a memory leak
of rp and ascebc in case raw3270_setup_device() fails.

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2024-06-23 17:21 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-06-23 12:24 [PATCH] s390/raw3270: handle memory allocation failure in 'raw3270_setup_console()' yskelg
2024-06-23 15:37 ` [PATCH] s390/raw3270: Handle memory allocation failures in raw3270_setup_console() Markus Elfring
2024-06-23 17:21 ` [PATCH] s390/raw3270: handle memory allocation failure in 'raw3270_setup_console()' Heiko Carstens

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox