From patchwork Mon Jan 10 07:23:04 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 531503 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D450EC4332F for ; Mon, 10 Jan 2022 07:30:31 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240284AbiAJHaa (ORCPT ); Mon, 10 Jan 2022 02:30:30 -0500 Received: from dfw.source.kernel.org ([139.178.84.217]:38028 "EHLO dfw.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240081AbiAJH22 (ORCPT ); Mon, 10 Jan 2022 02:28:28 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id B23C8611C9; Mon, 10 Jan 2022 07:28:27 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 97EF9C36AE9; Mon, 10 Jan 2022 07:28:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1641799707; bh=WLcjkDH0MA5Ws7HBfmZfW8Pr+NSz5/fPbxZShZIadus=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=y6ylJ21a726y9kFRVTpyhQHT6A7NfAzw/eGdxuhF4gWpe2zyNYmWA7TeGnN/ydd1/ YyE2ptOchsJjT5QXiffXY7HKJEt7hUFByFD5DMIsftr375MrtKOHpxniDrT71zc3BB 0Kh+Wv0rSAxqLN0j9ZvtwLO9TcJww5ueGlsxGJpg= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jiasheng Jiang , Leon Romanovsky , Jason Gunthorpe Subject: [PATCH 5.4 09/34] RDMA/uverbs: Check for null return of kmalloc_array Date: Mon, 10 Jan 2022 08:23:04 +0100 Message-Id: <20220110071815.967327967@linuxfoundation.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220110071815.647309738@linuxfoundation.org> References: <20220110071815.647309738@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Jiasheng Jiang commit 7694a7de22c53a312ea98960fcafc6ec62046531 upstream. Because of the possible failure of the allocation, data might be NULL pointer and will cause the dereference of the NULL pointer later. Therefore, it might be better to check it and return -ENOMEM. Fixes: 6884c6c4bd09 ("RDMA/verbs: Store the write/write_ex uapi entry points in the uverbs_api") Link: https://lore.kernel.org/r/20211231093315.1917667-1-jiasheng@iscas.ac.cn Signed-off-by: Jiasheng Jiang Reviewed-by: Leon Romanovsky Signed-off-by: Jason Gunthorpe Signed-off-by: Greg Kroah-Hartman --- drivers/infiniband/core/uverbs_uapi.c | 3 +++ 1 file changed, 3 insertions(+) --- a/drivers/infiniband/core/uverbs_uapi.c +++ b/drivers/infiniband/core/uverbs_uapi.c @@ -450,6 +450,9 @@ static int uapi_finalize(struct uverbs_a uapi->num_write_ex = max_write_ex + 1; data = kmalloc_array(uapi->num_write + uapi->num_write_ex, sizeof(*uapi->write_methods), GFP_KERNEL); + if (!data) + return -ENOMEM; + for (i = 0; i != uapi->num_write + uapi->num_write_ex; i++) data[i] = &uapi->notsupp_method; uapi->write_methods = data;