Re: [RFC] perf: Prevent potential null dereference

[Arnaldo Carvalho de Melo]

Em Thu, Dec 02, 2010 at 11:41:08PM +0100, Frederic Weisbecker escreveu:
> On Fri, Dec 03, 2010 at 01:26:05AM +0300, Cyrill Gorcunov wrote:
> > In case if there is no memory we might hit null
> > dereference on accessing calloc'ed data.
> > 
> > Signed-off-by: Cyrill Gorcunov <gorcunov@xxxxxxxxxx>
> > CC: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>
> > CC: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
> > CC: Ingo Molnar <mingo@xxxxxxx>
> > CC: Frederic Weisbecker <fweisbec@xxxxxxxxx>
> > ---
> > 
> > It seems exit right here is more convenient than passing error
> > handling level up (which would have to exit anyway), thought
> > if handling it "upper" is preferred -- just say a word.
> > 
> >  tools/perf/builtin-record.c |    4 ++++
> >  1 file changed, 4 insertions(+)
> > 
> > Index: linux-2.6.git/tools/perf/builtin-record.c
> > =====================================================================
> > --- linux-2.6.git.orig/tools/perf/builtin-record.c
> > +++ linux-2.6.git/tools/perf/builtin-record.c
> > @@ -524,6 +524,10 @@ static void comm__construct(int argc, co
> >  		return;
> >  
> >  	comm = calloc(1, size);
> > +	if (!comm) {
> > +		pr_err("Not enough memory to construct internal command line.\n");
> > +		exit(-1);
> > +	}
> >  
> >  	tmp = comm;
> >  	for (i = 0; i < argc; i++) {
> 
> 
> Good.
> 
> As a nit, not that it matters that much because we are very close to the starting code
> anyway, but it would be better to propagate the error to the callers.

I'm of the opinion that main() should be where exit() is allowed, and
even there... return would be better. 8-)

- Arnaldo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/