RE: [PATCH] regmap: irq: Fix possible ZERO_SIZE_PTR pointer dereferencing error.

From: Li.Xiubo@xxxxxxxxxxxxx
Date: Mon May 19 2014 - 19:51:51 EST


> Subject: Re: [PATCH] regmap: irq: Fix possible ZERO_SIZE_PTR pointer
> dereferencing error.
>
> On Mon, May 19, 2014 at 03:13:45PM +0800, Xiubo Li wrote:
> > Since we cannot make sure that 'chip->num_regs' will always be non-zero
> > from the users, and then if 'chip->num_regs' equals zero by mistake
> > or for other reasons, kzalloc() will return ZERO_SIZE_PTR, which equals
> > ((void *)16).
> >
> > So this patch fixes this by just checking 'chip->num_regs' before
> > calling kzalloc().
>
> Where is the actual dereference that's being protected against here?
>

Such as:
	d->mask_buf = kzalloc(sizeof(unsigned int) * chip->num_regs,
			      GFP_KERNEL);
	if (!d->mask_buf)
		goto err_alloc;

And then:
	d->mask_buf[irq_data->reg_offset / map->reg_stride] |= irq_data->mask;



> > This also sorts the header files in alphabetical order at the same time.
>
> No, don't do things like this. It just makes things harder to review.

Okay, I'll follow your advice.

Thanks,

BRs
Xiubo
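
A userspace C model of the case discussed in this message, added here as an illustration (it is not code from the patch or from the kernel tree): a zero-byte kzalloc() request passes the `!d->mask_buf` test because ZERO_SIZE_PTR is not NULL. The two macros follow include/linux/slab.h; the `model_*` names, both `alloc_*` helpers and the `-EINVAL` return are assumptions.

```c
/* Added example: userspace model of the allocation path in the message above.
 * Macros follow include/linux/slab.h; model_* and alloc_* names are hypothetical. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#define ZERO_SIZE_PTR ((void *)16)
#define ZERO_OR_NULL_PTR(x) ((uintptr_t)(x) <= (uintptr_t)ZERO_SIZE_PTR)

/* Like kzalloc(): a zero-byte request yields ZERO_SIZE_PTR, not NULL. */
static void *model_kzalloc(size_t size)
{
    return size ? calloc(1, size) : ZERO_SIZE_PTR;
}

static void model_kfree(void *p)
{
    if (!ZERO_OR_NULL_PTR(p)) /* kfree() also ignores both values */
        free(p);
}

struct model_chip { int num_regs; };
struct model_data { unsigned int *mask_buf; };

/* Pattern quoted in the message: only a NULL test guards mask_buf. */
static int alloc_null_check_only(struct model_data *d, const struct model_chip *chip)
{
    d->mask_buf = model_kzalloc(sizeof(unsigned int) * chip->num_regs);
    if (!d->mask_buf)
        return -ENOMEM;
    return 0; /* num_regs == 0 lands here with mask_buf == (void *)16 */
}

/* Assumed shape of the check; the patch hunk itself is not on this page. */
static int alloc_with_num_regs_check(struct model_data *d, const struct model_chip *chip)
{
    if (chip->num_regs <= 0)
        return -EINVAL;
    return alloc_null_check_only(d, chip);
}

int main(void)
{
    struct model_chip chip = { .num_regs = 0 }; /* constructed input */
    struct model_data d = { 0 };
    int unchecked = alloc_null_check_only(&d, &chip);
    printf("NULL check only: %d (mask_buf=%p), num_regs check: %d\n",
           unchecked, (void *)d.mask_buf, alloc_with_num_regs_check(&d, &chip));
    return 0;
}
```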
