Message ID | tencent_4A21A2865B8B0A0D12CAEBEB84708EDDB505@qq.com |
---|---|
State | New |
Headers | show |
Series | ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_convert_to_package ACPICA commit 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0 | expand |
On Thu, Jul 18, 2024 at 8:12 AM <xiaopeitux@foxmail.com> wrote: > > From: Pei Xiao <xiaopei01@kylinos.cn> > > ACPI_ALLOCATE_ZEROED may fails, elements might be null and will cause > null pointer dereference later. > > Link: https://github.com/acpica/acpica/commit/4d4547cf > Signed-off-by: Pei Xiao <xiaopei01@kylinos.cn> > --- > drivers/acpi/acpica/dbconvert.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/acpi/acpica/dbconvert.c b/drivers/acpi/acpica/dbconvert.c > index 2b84ac093698..8dbab6932049 100644 > --- a/drivers/acpi/acpica/dbconvert.c > +++ b/drivers/acpi/acpica/dbconvert.c > @@ -174,6 +174,8 @@ acpi_status acpi_db_convert_to_package(char *string, union acpi_object *object) > elements = > ACPI_ALLOCATE_ZEROED(DB_DEFAULT_PKG_ELEMENTS * > sizeof(union acpi_object)); > + if (!elements) > + return (AE_NO_MEMORY); > > this = string; > for (i = 0; i < (DB_DEFAULT_PKG_ELEMENTS - 1); i++) { > -- Applied (with edited subject and changelog) as 6.12 material, thanks!
diff --git a/drivers/acpi/acpica/dbconvert.c b/drivers/acpi/acpica/dbconvert.c index 2b84ac093698..8dbab6932049 100644 --- a/drivers/acpi/acpica/dbconvert.c +++ b/drivers/acpi/acpica/dbconvert.c @@ -174,6 +174,8 @@ acpi_status acpi_db_convert_to_package(char *string, union acpi_object *object) elements = ACPI_ALLOCATE_ZEROED(DB_DEFAULT_PKG_ELEMENTS * sizeof(union acpi_object)); + if (!elements) + return (AE_NO_MEMORY); this = string; for (i = 0; i < (DB_DEFAULT_PKG_ELEMENTS - 1); i++) {