diff mbox

NFC: fix device-allocation error return

Message ID 20170709110858.20331-1-johan@kernel.org (mailing list archive)
State Accepted
Delegated to: Samuel Ortiz
Headers show

Commit Message

Johan Hovold July 9, 2017, 11:08 a.m. UTC
A recent change fixing NFC device allocation itself introduced an
error-handling bug by returning an error pointer in case device-id
allocation failed. This is clearly broken as the callers still expected
NULL to be returned on errors as detected by Dan's static checker.

Fix this up by returning NULL in the event that we've run out of memory
when allocating a new device id.

Note that the offending commit is marked for stable (3.8) so this fix
needs to be backported along with it.

Fixes: 20777bc57c34 ("NFC: fix broken device allocation")
Cc: stable <stable@vger.kernel.org>	# 3.8
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Johan Hovold <johan@kernel.org>
---
 net/nfc/core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Johan Hovold July 22, 2017, 1:32 p.m. UTC | #1
On Sun, Jul 09, 2017 at 01:08:58PM +0200, Johan Hovold wrote:
> A recent change fixing NFC device allocation itself introduced an
> error-handling bug by returning an error pointer in case device-id
> allocation failed. This is clearly broken as the callers still expected
> NULL to be returned on errors as detected by Dan's static checker.
> 
> Fix this up by returning NULL in the event that we've run out of memory
> when allocating a new device id.
> 
> Note that the offending commit is marked for stable (3.8) so this fix
> needs to be backported along with it.
> 
> Fixes: 20777bc57c34 ("NFC: fix broken device allocation")
> Cc: stable <stable@vger.kernel.org>	# 3.8
> Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
> Signed-off-by: Johan Hovold <johan@kernel.org>

Samuel or David,

Could you apply this follow-up fix so that it can be backported along
with the offending commit (which was just added to the stable queues)?

We would only hit this error path if an ida allocation fails due to OOM;
so while this is not critical, it would still be nice to get it fixed.

Thanks,
Johan
Johan Hovold Aug. 28, 2017, 8:39 a.m. UTC | #2
Samuel or David,

On Sat, Jul 22, 2017 at 03:32:28PM +0200, Johan Hovold wrote:
> On Sun, Jul 09, 2017 at 01:08:58PM +0200, Johan Hovold wrote:
> > A recent change fixing NFC device allocation itself introduced an
> > error-handling bug by returning an error pointer in case device-id
> > allocation failed. This is clearly broken as the callers still expected
> > NULL to be returned on errors as detected by Dan's static checker.
> > 
> > Fix this up by returning NULL in the event that we've run out of memory
> > when allocating a new device id.
> > 
> > Note that the offending commit is marked for stable (3.8) so this fix
> > needs to be backported along with it.
> > 
> > Fixes: 20777bc57c34 ("NFC: fix broken device allocation")
> > Cc: stable <stable@vger.kernel.org>	# 3.8
> > Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
> > Signed-off-by: Johan Hovold <johan@kernel.org>

> Could you apply this follow-up fix so that it can be backported along
> with the offending commit (which was just added to the stable queues)?
> 
> We would only hit this error path if an ida allocation fails due to OOM;
> so while this is not critical, it would still be nice to get it fixed.

Another reminder about this one; can you apply it so we can get it into
4.14-rc1?

Note that the offending commit has now been backported to the stable
trees and we really want this trivial follow-up fix to be backported as
well.

Let me know if you want me to resend the patch.

Thanks,
Johan
Samuel Ortiz Nov. 5, 2017, 11:54 p.m. UTC | #3
Hi Johan,

On Sun, Jul 09, 2017 at 01:08:58PM +0200, Johan Hovold wrote:
> A recent change fixing NFC device allocation itself introduced an
> error-handling bug by returning an error pointer in case device-id
> allocation failed. This is clearly broken as the callers still expected
> NULL to be returned on errors as detected by Dan's static checker.
> 
> Fix this up by returning NULL in the event that we've run out of memory
> when allocating a new device id.
> 
> Note that the offending commit is marked for stable (3.8) so this fix
> needs to be backported along with it.
> 
> Fixes: 20777bc57c34 ("NFC: fix broken device allocation")
> Cc: stable <stable@vger.kernel.org>	# 3.8
> Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
> Signed-off-by: Johan Hovold <johan@kernel.org>
> ---
>  net/nfc/core.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
Applied, thanks for the fix.

Cheers,
Samuel.
diff mbox

Patch

diff --git a/net/nfc/core.c b/net/nfc/core.c
index 5cf33df888c3..c699d64a0753 100644
--- a/net/nfc/core.c
+++ b/net/nfc/core.c
@@ -1106,7 +1106,7 @@  struct nfc_dev *nfc_allocate_device(struct nfc_ops *ops,
 err_free_dev:
 	kfree(dev);
 
-	return ERR_PTR(rc);
+	return NULL;
 }
 EXPORT_SYMBOL(nfc_allocate_device);