| Message ID | 20231117201606.1955-2-kamil.duljas@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | ASoC: SOF: acp: Add prevent against NULL | expand |
On Fri, Nov 17, 2023 at 09:16:06PM +0100, Kamil Duljas wrote: > adata->fw_code_bin = kasprintf(GFP_KERNEL, "%s/sof-%s-code.bin", > - plat_data->fw_filename_prefix, > - chip->name); > + plat_data->fw_filename_prefix, > + chip->name); Plese don't include spurious indentation changes like this, it just makes the diff much harder to read. > + if (!adata->fw_code_bin) > + return -ENOMEM; > adata->fw_data_bin = kasprintf(GFP_KERNEL, "%s/sof-%s-data.bin", > - plat_data->fw_filename_prefix, > - chip->name); > + plat_data->fw_filename_prefix, > + chip->name); > + if (!adata->fw_data_bin) > + return -ENOMEM; This now leaks the code binary...
diff --git a/sound/soc/sof/amd/acp.c b/sound/soc/sof/amd/acp.c index 603ea5fc0d0d..c60a3e28b5f3 100644 --- a/sound/soc/sof/amd/acp.c +++ b/sound/soc/sof/amd/acp.c @@ -548,11 +548,15 @@ int amd_sof_acp_probe(struct snd_sof_dev *sdev) dmi_id = dmi_first_match(acp_sof_quirk_table); if (dmi_id && dmi_id->driver_data) { adata->fw_code_bin = kasprintf(GFP_KERNEL, "%s/sof-%s-code.bin", - plat_data->fw_filename_prefix, - chip->name); + plat_data->fw_filename_prefix, + chip->name); + if (!adata->fw_code_bin) + return -ENOMEM; adata->fw_data_bin = kasprintf(GFP_KERNEL, "%s/sof-%s-data.bin", - plat_data->fw_filename_prefix, - chip->name); + plat_data->fw_filename_prefix, + chip->name); + if (!adata->fw_data_bin) + return -ENOMEM; adata->signed_fw_image = dmi_id->driver_data; dev_dbg(sdev->dev, "fw_code_bin:%s, fw_data_bin:%s\n", adata->fw_code_bin,
When kasprintf function fail, then NULL is returned. The callers dereference them without null checked. Signed-off-by: Kamil Duljas <kamil.duljas@gmail.com> --- sound/soc/sof/amd/acp.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-)