> Inject fault while probing of-fpga-region, if kasprintf() fails in > module_add_driver(), the second sysfs_remove_link() in exit path will cause > null-ptr-deref as below because kernfs_name_hash() will call strlen() with > NULL driver_name. …
How do you think about to use the term “null pointer dereference” for the commit message (and summary phrase)? … > +++ b/drivers/base/module.c > @@ -66,27 +66,31 @@ int module_add_driver(struct module *mod, const struct > device_driver *drv) … > sysfs_remove_link(mk->drivers_dir, driver_name); > + > +out_free_driver_name: > kfree(driver_name); > > +out_remove_kobj: > + sysfs_remove_link(&drv->p->kobj, "module"); … I suggest to omit two blank lines here. Regards, Markus
