Linux-ARM-Kernel Archive on lore.kernel.org
* [PATCH v2 0/2] Fix NULL pointer dereference and use struct_size
@ 2019-01-05  5:52 Gustavo A. R. Silva
  2019-01-05  5:54 ` [PATCH v2 1/2] ARM: integrator: impd1: fix NULL pointer dereference Gustavo A. R. Silva
  2019-01-05  5:55 ` [PATCH v2 2/2] ARM: integrator: impd1: use struct_size() in devm_kzalloc() Gustavo A. R. Silva
  0 siblings, 2 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2019-01-05  5:52 UTC (permalink / raw)
  To: Linus Walleij, Russell King
  Cc: linux-kernel, linux-arm-kernel, Gustavo A. R. Silva

Hi,

The first patch in this series fixes a potential NULL pointer
dereference by adding a NULL check. A tag for stable has been
added for this patch.

The second patch promotes the use of struct_size() in devm_kzalloc().

Both issues were detected with the help of Coccinelle.

Thanks

Changes in v2:
 - Fix bug in patch 2/2 reported by kbuild test robot.

Gustavo A. R. Silva (2):
  ARM: integrator: impd1: fix NULL pointer dereference
  ARM: integrator: impd1: use struct_size() in devm_kzalloc()

 arch/arm/mach-integrator/impd1.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

-- 
2.20.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel


* [PATCH v2 1/2] ARM: integrator: impd1: fix NULL pointer dereference
  2019-01-05  5:52 [PATCH v2 0/2] Fix NULL pointer dereference and use struct_size Gustavo A. R. Silva
@ 2019-01-05  5:54 ` Gustavo A. R. Silva
  2019-01-05  5:55 ` [PATCH v2 2/2] ARM: integrator: impd1: use struct_size() in devm_kzalloc() Gustavo A. R. Silva
  1 sibling, 0 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2019-01-05  5:54 UTC (permalink / raw)
  To: Russell King, Linus Walleij
  Cc: linux-kernel, linux-arm-kernel, Gustavo A. R. Silva

There is a potential NULL pointer dereference in case devm_kzalloc()
fails and returns NULL.

Fix this by adding a NULL check on lookup.

This issue was detected with the help of Coccinelle.

Fixes: 684284b64aae ("ARM: integrator: add MMCI device to IM-PD1")
Cc: stable@vger.kernel.org
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
---
Changes in v2:
 - None.

 arch/arm/mach-integrator/impd1.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/arm/mach-integrator/impd1.c b/arch/arm/mach-integrator/impd1.c
index a109f6482413..eb0149561be2 100644
--- a/arch/arm/mach-integrator/impd1.c
+++ b/arch/arm/mach-integrator/impd1.c
@@ -392,6 +392,9 @@ static int __ref impd1_probe(struct lm_device *dev)
 			lookup = devm_kzalloc(&dev->dev,
 					      sizeof(*lookup) + 3 * sizeof(struct gpiod_lookup),
 					      GFP_KERNEL);
+			if (!lookup)
+				return -ENOMEM;
+
 			chipname = devm_kstrdup(&dev->dev, devname, GFP_KERNEL);
 			mmciname = kasprintf(GFP_KERNEL, "lm%x:00700", dev->id);
 			lookup->dev_id = mmciname;
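Review bot: the new check covers only lookup, while the two allocations in the context lines right after it, devm_kstrdup() for chipname and kasprintf() for mmciname, are still not checked in the visible lines, and mmciname is stored straight into lookup->dev_id. Both can return NULL under the same memory pressure that makes devm_kzalloc() fail, so the same kind of check is worth adding for them in this patch or a follow-up. Since kasprintf() is not device-managed, devm_kasprintf(&dev->dev, GFP_KERNEL, ...) would match the devm_ calls around it. It is also worth confirming that a bare return -ENOMEM at this point in impd1_probe() does not skip cleanup of anything set up earlier in the function.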
-- 
2.20.1



* [PATCH v2 2/2] ARM: integrator: impd1: use struct_size() in devm_kzalloc()
  2019-01-05  5:52 [PATCH v2 0/2] Fix NULL pointer dereference and use struct_size Gustavo A. R. Silva
  2019-01-05  5:54 ` [PATCH v2 1/2] ARM: integrator: impd1: fix NULL pointer dereference Gustavo A. R. Silva
@ 2019-01-05  5:55 ` Gustavo A. R. Silva
  2019-01-11 12:33   ` Linus Walleij
  1 sibling, 1 reply; 4+ messages in thread
From: Gustavo A. R. Silva @ 2019-01-05  5:55 UTC (permalink / raw)
  To: Linus Walleij, Russell King
  Cc: linux-kernel, linux-arm-kernel, Gustavo A. R. Silva

One of the more common cases of allocation size calculations is finding
the size of a structure that has a zero-sized array at the end, along
with memory for some number of elements for that array. For example:

struct foo {
    int stuff;
    void *entry[];
};

instance = devm_kzalloc(dev, sizeof(struct foo) + sizeof(void *) * count, GFP_KERNEL);

Instead of leaving these open-coded and prone to type mistakes, we can
now use the new struct_size() helper:

instance = devm_kzalloc(dev, struct_size(instance, entry, count), GFP_KERNEL);

This code was detected with the help of Coccinelle.

Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
---
Changes in v2:
 - Fix devm_kzalloc parameter reported by kbuild test robot.

 arch/arm/mach-integrator/impd1.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm/mach-integrator/impd1.c b/arch/arm/mach-integrator/impd1.c
index eb0149561be2..a0a1e2acdb5e 100644
--- a/arch/arm/mach-integrator/impd1.c
+++ b/arch/arm/mach-integrator/impd1.c
@@ -390,7 +390,7 @@ static int __ref impd1_probe(struct lm_device *dev)
 			char *mmciname;
 
 			lookup = devm_kzalloc(&dev->dev,
-					      sizeof(*lookup) + 3 * sizeof(struct gpiod_lookup),
+					      struct_size(lookup, table, 3),
 					      GFP_KERNEL);
 			if (!lookup)
 				return -ENOMEM;
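Review bot: the element count in struct_size(lookup, table, 3) is still a bare literal, so the allocation and the code that later fills lookup->table have to be kept in step by hand. A named constant, or a short comment saying what the three entries are, would make that link explicit. The commit message could also state that the element size is now taken from the table member rather than from the hand-written sizeof(struct gpiod_lookup), since that is the part of the old line that could silently go wrong.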
-- 
2.20.1
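
The two changes in this series, shown together in a userspace sketch. This is an added example, not code from the thread or from the kernel: struct demo_entry, struct lookup_table, flex_size(), STRUCT_SIZE_SKETCH() and probe_sketch() are hypothetical names, and calloc() stands in for devm_kzalloc(). It goes beyond the "type mistakes" point in the commit message by also showing the overflow case, where the open-coded sum wraps to a small value and the helper saturates to SIZE_MAX.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical stand-ins for the kernel structures; only the layout matters. */
struct demo_entry { const char *key; unsigned int idx; };
struct lookup_table {
    const char *dev_id;
    struct demo_entry table[];          /* flexible array member */
};

/* Open-coded size, the shape patch 2/2 removes: wraps silently on overflow. */
size_t open_coded_size(size_t count)
{
    return sizeof(struct lookup_table) + count * sizeof(struct demo_entry);
}

/* Saturating base + elem * count: SIZE_MAX instead of a wrapped small value. */
size_t flex_size(size_t base, size_t elem, size_t count)
{
    size_t bytes;
    if (__builtin_mul_overflow(elem, count, &bytes) ||
        __builtin_add_overflow(bytes, base, &bytes))
        return SIZE_MAX;
    return bytes;
}
/* Sketch of struct_size(): element size comes from the member, not a typed-in type. */
#define STRUCT_SIZE_SKETCH(p, member, count) \
    flex_size(sizeof(*(p)), sizeof((p)->member[0]), (count))

/* Probe-style caller: 0 on success, -1 (standing in for -ENOMEM) on failure. */
int probe_sketch(size_t count)
{
    struct lookup_table *lookup;
    size_t bytes = STRUCT_SIZE_SKETCH(lookup, table, count);

    /* SIZE_MAX can never be satisfied; treat it as an allocation failure. */
    lookup = (bytes == SIZE_MAX) ? NULL : calloc(1, bytes);
    if (!lookup)                        /* the check patch 1/2 adds */
        return -1;
    lookup->dev_id = "constructed-id";  /* safe only after the NULL check */
    free(lookup);
    return 0;
}

int main(void) { return probe_sketch(3); }
```

With a count just past SIZE_MAX / sizeof(struct demo_entry), open_coded_size() returns a value smaller than one header plus one entry, which an allocator would happily satisfy; the saturating form turns the same input into a failed allocation that the NULL check catches.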



* Re: [PATCH v2 2/2] ARM: integrator: impd1: use struct_size() in devm_kzalloc()
  2019-01-05  5:55 ` [PATCH v2 2/2] ARM: integrator: impd1: use struct_size() in devm_kzalloc() Gustavo A. R. Silva
@ 2019-01-11 12:33   ` Linus Walleij
  0 siblings, 0 replies; 4+ messages in thread
From: Linus Walleij @ 2019-01-11 12:33 UTC (permalink / raw)
  To: Gustavo A. R. Silva; +Cc: Russell King, Linux ARM, linux-kernel

On Sat, Jan 5, 2019 at 6:55 AM Gustavo A. R. Silva
<gustavo@embeddedor.com> wrote:

> One of the more common cases of allocation size calculations is finding
> the size of a structure that has a zero-sized array at the end, along
> with memory for some number of elements for that array. For example:
>
> struct foo {
>     int stuff;
>     void *entry[];
> };
>
> instance = devm_kzalloc(dev, sizeof(struct foo) + sizeof(void *) * count, GFP_KERNEL);
>
> Instead of leaving these open-coded and prone to type mistakes, we can
> now use the new struct_size() helper:
>
> instance = devm_kzalloc(dev, struct_size(instance, entry, count), GFP_KERNEL);
>
> This code was detected with the help of Coccinelle.
>
> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
> ---
> Changes in v2:
>  - Fix devm_kzalloc parameter reported by kbuild test robot.

Patch applied.

Yours,
Linus Walleij
