diff mbox

[2/3] mfd: ab8500-debugfs: Apply a check for -ENOMEM after allocating memory for event name

Message ID 1374243017-8515-2-git-send-email-lee.jones@linaro.org
State Accepted
Commit d551c4c43ccac3ef272e10ac23a64eaac16c23fd
Headers show

Commit Message

Lee Jones July 19, 2013, 2:10 p.m. UTC 
The AB8500 debugfs driver allocates memory to contain the name of a new sysfs
entry, but fails to apply the proper post-allocation checks. If the device
were to run out of memory, the allocation would return NULL. Without the
correct checks the driver will continue to populate address NULL with the
specified device name which would obviously cause a pointer dereference Oops.

Signed-off-by: Lee Jones <lee.jones@linaro.org>
---
 drivers/mfd/ab8500-debugfs.c | 3 +++
 1 file changed, 3 insertions(+)
diff mbox

Patch

diff --git a/drivers/mfd/ab8500-debugfs.c b/drivers/mfd/ab8500-debugfs.c
index c8298b2..30fcb0c 100644
--- a/drivers/mfd/ab8500-debugfs.c
+++ b/drivers/mfd/ab8500-debugfs.c
@@ -2804,6 +2804,9 @@  static ssize_t ab8500_subscribe_write(struct file *file,
 		return -ENOMEM;
 
 	event_name[irq_index] = kmalloc(count, GFP_KERNEL);
+	if (!event_name[irq_index])
+		return -ENOMEM;
+
 	sprintf(event_name[irq_index], "%lu", user_val);
 	dev_attr[irq_index]->show = show_irq;
 	dev_attr[irq_index]->store = NULL;