diff mbox series

[next] net/mlx5e: Fix potential null pointer dereference

Message ID 20200925164913.GA18472@embeddedor
State New
Headers show
Series [next] net/mlx5e: Fix potential null pointer dereference | expand

Commit Message

Gustavo A. R. Silva Sept. 25, 2020, 4:49 p.m. UTC
Calls to kzalloc() and kvzalloc() should be null-checked
in order to avoid any potential failures. In this case,
a potential null pointer dereference.

Fix this by adding null checks for _parse_attr_ and _flow_
right after allocation.

Addresses-Coverity-ID: 1497154 ("Dereference before null check")
Fixes: c620b772152b ("net/mlx5: Refactor tc flow attributes structure")
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
 drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

Comments

Leon Romanovsky Sept. 28, 2020, 7:38 a.m. UTC | #1
On Fri, Sep 25, 2020 at 11:49:13AM -0500, Gustavo A. R. Silva wrote:
> Calls to kzalloc() and kvzalloc() should be null-checked
> in order to avoid any potential failures. In this case,
> a potential null pointer dereference.
>
> Fix this by adding null checks for _parse_attr_ and _flow_
> right after allocation.
>
> Addresses-Coverity-ID: 1497154 ("Dereference before null check")
> Fixes: c620b772152b ("net/mlx5: Refactor tc flow attributes structure")
> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
> ---
>  drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 10 ++++++----
>  1 file changed, 6 insertions(+), 4 deletions(-)
>

Thanks,
Reviewed-by: Leon Romanovsky <leonro@nvidia.com>
Saeed Mahameed Sept. 28, 2020, 11:22 p.m. UTC | #2
On Fri, 2020-09-25 at 11:49 -0500, Gustavo A. R. Silva wrote:
> Calls to kzalloc() and kvzalloc() should be null-checked
> in order to avoid any potential failures. In this case,
> a potential null pointer dereference.
> 
> Fix this by adding null checks for _parse_attr_ and _flow_
> right after allocation.
> 
> Addresses-Coverity-ID: 1497154 ("Dereference before null check")
> Fixes: c620b772152b ("net/mlx5: Refactor tc flow attributes
> structure")
> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
> ---
> 

Applied to net-next-mlx5.
Thanks.
Gustavo A. R. Silva Sept. 29, 2020, 1:13 p.m. UTC | #3
On Mon, Sep 28, 2020 at 04:22:33PM -0700, Saeed Mahameed wrote:
> On Fri, 2020-09-25 at 11:49 -0500, Gustavo A. R. Silva wrote:
> > Calls to kzalloc() and kvzalloc() should be null-checked
> > in order to avoid any potential failures. In this case,
> > a potential null pointer dereference.
> > 
> > Fix this by adding null checks for _parse_attr_ and _flow_
> > right after allocation.
> > 
> > Addresses-Coverity-ID: 1497154 ("Dereference before null check")
> > Fixes: c620b772152b ("net/mlx5: Refactor tc flow attributes
> > structure")
> > Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
> > ---
> > 
> 
> Applied to net-next-mlx5.

Thank you both. :)
--
Gustavo
diff mbox series

Patch

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
index f815b0c60a6c..fb27154bfddb 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
@@ -4534,20 +4534,22 @@  mlx5e_alloc_flow(struct mlx5e_priv *priv, int attr_size,
 	struct mlx5e_tc_flow_parse_attr *parse_attr;
 	struct mlx5_flow_attr *attr;
 	struct mlx5e_tc_flow *flow;
-	int out_index, err;
+	int err = -ENOMEM;
+	int out_index;
 
 	flow = kzalloc(sizeof(*flow), GFP_KERNEL);
 	parse_attr = kvzalloc(sizeof(*parse_attr), GFP_KERNEL);
+	if (!parse_attr || !flow)
+		goto err_free;
 
 	flow->flags = flow_flags;
 	flow->cookie = f->cookie;
 	flow->priv = priv;
 
 	attr = mlx5_alloc_flow_attr(get_flow_name_space(flow));
-	if (!parse_attr || !flow || !attr) {
-		err = -ENOMEM;
+	if (!attr)
 		goto err_free;
-	}
+
 	flow->attr = attr;
 
 	for (out_index = 0; out_index < MLX5_MAX_FLOW_FWD_VPORTS; out_index++)