On Tue, 29 Jan 2019 08:01:22 +0000,
YueHaibing <yuehaib...@huawei.com> wrote:
>
> There is a potential NULL pointer dereference in case kzalloc()
> fails and returns NULL.
>
> Fixes: 4bba66899ac6 ("irqchip/tango: Add support for Sigma Designs
> SMP86xx/SMP87xx interrupt controller")
> Signed-off-by: YueHaibing <yuehaib...@huawei.com>
> ---
> drivers/irqchip/irq-tango.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/irqchip/irq-tango.c b/drivers/irqchip/irq-tango.c
> index ae28d86..a63b828 100644
> --- a/drivers/irqchip/irq-tango.c
> +++ b/drivers/irqchip/irq-tango.c
> @@ -191,6 +191,8 @@ static int __init tangox_irq_init(void __iomem *base,
> struct resource *baseres,
> panic("%pOFn: failed to get address", node);
>
> chip = kzalloc(sizeof(*chip), GFP_KERNEL);
> + if (!chip)
> + return -ENOMEM;
> chip->ctl = res.start - baseres->start;
> chip->base = base;
>
This is a commendable effort, but given that the whole error handling
of this driver is just to simply panic, I have the ugly feeling that
this lack of check is more a feature than a bug... Not that I like it,
but at least it is consistent.
If you're going to change that, I'd recommend you overhaul the whole
thing.
Thanks,
M.
--
Jazz is not dead, it just smell funny.
