[PATCH] mtd: core: Potential NULL dereference in mtd_otp_size()
Dan Carpenter
dan.carpenter at oracle.com
Fri May 14 07:27:15 PDT 2021
If kmalloc() fails then it could lead to a NULL dereference. Check and
return -ENOMEM on error.
Fixes: 4b361cfa8624 ("mtd: core: add OTP nvmem provider support")
Signed-off-by: Dan Carpenter <dan.carpenter at oracle.com>
---
drivers/mtd/mtdcore.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/mtd/mtdcore.c b/drivers/mtd/mtdcore.c
index 3ae261661eea..9624ad1b999c 100644
--- a/drivers/mtd/mtdcore.c
+++ b/drivers/mtd/mtdcore.c
@@ -779,12 +779,16 @@ static void mtd_set_dev_defaults(struct mtd_info *mtd)
static ssize_t mtd_otp_size(struct mtd_info *mtd, bool is_user)
{
- struct otp_info *info = kmalloc(PAGE_SIZE, GFP_KERNEL);
+ struct otp_info *info;
ssize_t size = 0;
unsigned int i;
size_t retlen;
int ret;
+ info = kmalloc(PAGE_SIZE, GFP_KERNEL);
+ if (!info)
+ return -ENOMEM;
+
if (is_user)
ret = mtd_get_user_prot_info(mtd, PAGE_SIZE, &retlen, info);
else
--
2.30.2
More information about the linux-mtd
mailing list