linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] bluetooth/virtio_bt: Fix dereference null return value
@ 2021-07-04 14:55 John Wood
  2021-07-04 17:33 ` Marcel Holtmann
  2021-07-04 19:02 ` Greg KH
  0 siblings, 2 replies; 3+ messages in thread
From: John Wood @ 2021-07-04 14:55 UTC (permalink / raw)
  To: Marcel Holtmann, Johan Hedberg, Luiz Augusto von Dentz
  Cc: John Wood, stable, linux-bluetooth, linux-kernel

The alloc_skb function returns NULL on error. So, test this case and
avoid a NULL dereference (skb->data).

Addresses-Coverity-ID: 1484718 ("Dereference null return value")
Fixes: afd2daa26c7ab ("Bluetooth: Add support for virtio transport driver")
Signed-off-by: John Wood <john.wood@gmx.com>
---
 drivers/bluetooth/virtio_bt.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/bluetooth/virtio_bt.c b/drivers/bluetooth/virtio_bt.c
index c804db7e90f8..5f82574236c0 100644
--- a/drivers/bluetooth/virtio_bt.c
+++ b/drivers/bluetooth/virtio_bt.c
@@ -34,6 +34,8 @@ static int virtbt_add_inbuf(struct virtio_bluetooth *vbt)
 	int err;

 	skb = alloc_skb(1000, GFP_KERNEL);
+	if (!skb)
+		return -ENOMEM;
 	sg_init_one(sg, skb->data, 1000);

 	err = virtqueue_add_inbuf(vq, sg, 1, skb, GFP_KERNEL);
--
2.25.1


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] bluetooth/virtio_bt: Fix dereference null return value
  2021-07-04 14:55 [PATCH] bluetooth/virtio_bt: Fix dereference null return value John Wood
@ 2021-07-04 17:33 ` Marcel Holtmann
  2021-07-04 19:02 ` Greg KH
  1 sibling, 0 replies; 3+ messages in thread
From: Marcel Holtmann @ 2021-07-04 17:33 UTC (permalink / raw)
  To: John Wood
  Cc: Johan Hedberg, Luiz Augusto von Dentz, stable,
	Bluetooth Kernel Mailing List, linux-kernel

Hi John,

> The alloc_skb function returns NULL on error. So, test this case and
> avoid a NULL dereference (skb->data).
> 
> Addresses-Coverity-ID: 1484718 ("Dereference null return value")
> Fixes: afd2daa26c7ab ("Bluetooth: Add support for virtio transport driver")
> Signed-off-by: John Wood <john.wood@gmx.com>
> ---
> drivers/bluetooth/virtio_bt.c | 2 ++
> 1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/bluetooth/virtio_bt.c b/drivers/bluetooth/virtio_bt.c
> index c804db7e90f8..5f82574236c0 100644
> --- a/drivers/bluetooth/virtio_bt.c
> +++ b/drivers/bluetooth/virtio_bt.c
> @@ -34,6 +34,8 @@ static int virtbt_add_inbuf(struct virtio_bluetooth *vbt)
> 	int err;
> 
> 	skb = alloc_skb(1000, GFP_KERNEL);
> +	if (!skb)
> +		return -ENOMEM;
> 	sg_init_one(sg, skb->data, 1000);

this is already fixed.

Author: Colin Ian King <colin.king@canonical.com>
Date:   Fri Apr 9 17:53:14 2021 +0100

    Bluetooth: virtio_bt: add missing null pointer check on alloc_skb call return
    
    The call to alloc_skb with the GFP_KERNEL flag can return a null sk_buff
    pointer, so add a null check to avoid any null pointer deference issues.
    
    Addresses-Coverity: ("Dereference null return value")
    Fixes: afd2daa26c7a ("Bluetooth: Add support for virtio transport driver")
    Signed-off-by: Colin Ian King <colin.king@canonical.com>
    Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

Regards

Marcel


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] bluetooth/virtio_bt: Fix dereference null return value
  2021-07-04 14:55 [PATCH] bluetooth/virtio_bt: Fix dereference null return value John Wood
  2021-07-04 17:33 ` Marcel Holtmann
@ 2021-07-04 19:02 ` Greg KH
  1 sibling, 0 replies; 3+ messages in thread
From: Greg KH @ 2021-07-04 19:02 UTC (permalink / raw)
  To: John Wood
  Cc: Marcel Holtmann, Johan Hedberg, Luiz Augusto von Dentz, stable,
	linux-bluetooth, linux-kernel

On Sun, Jul 04, 2021 at 04:55:04PM +0200, John Wood wrote:
> The alloc_skb function returns NULL on error. So, test this case and
> avoid a NULL dereference (skb->data).
> 
> Addresses-Coverity-ID: 1484718 ("Dereference null return value")
> Fixes: afd2daa26c7ab ("Bluetooth: Add support for virtio transport driver")
> Signed-off-by: John Wood <john.wood@gmx.com>
> ---
>  drivers/bluetooth/virtio_bt.c | 2 ++
>  1 file changed, 2 insertions(+)


<formletter>

This is not the correct way to submit patches for inclusion in the
stable kernel tree.  Please read:
    https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
for how to do this properly.

</formletter>

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2021-07-04 19:02 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-04 14:55 [PATCH] bluetooth/virtio_bt: Fix dereference null return value John Wood
2021-07-04 17:33 ` Marcel Holtmann
2021-07-04 19:02 ` Greg KH

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).