Le 28/08/2017 à 01:09, Waskiewicz Jr, Peter a écrit :
On 8/27/17 2:42 AM, Christophe JAILLET wrote:
Check memory allocation failures and return -ENOMEM in such cases, as
already done for other memory allocations in this function.
This avoids NULL pointers dereference.
Signed-off-by: Christophe JAILLET <christophe.jail...@wanadoo.fr>
---
drivers/net/ethernet/intel/igb/igb_main.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/net/ethernet/intel/igb/igb_main.c
b/drivers/net/ethernet/intel/igb/igb_main.c
index fd4a46b03cc8..837d9b46a390 100644
--- a/drivers/net/ethernet/intel/igb/igb_main.c
+++ b/drivers/net/ethernet/intel/igb/igb_main.c
@@ -3162,6 +3162,8 @@ static int igb_sw_init(struct igb_adapter *adapter)
/* Setup and initialize a copy of the hw vlan table array */
adapter->shadow_vfta = kcalloc(E1000_VLAN_FILTER_TBL_SIZE, sizeof(u32),
GFP_ATOMIC);
+ if (!adapter->shadow_vfta)
+ return -ENOMEM;
Looks reasonable to me.
A larger issue though I see in this function is that if we return
-ENOMEM here, and if we return -ENOMEM from igb_init_interrupt_scheme()
below on failure, we leak adapter->mac_table (and adapter->shadow_vfta
in the latter). We should add a proper unwind to free up the memory on
failure.
-PJ
Hi,
in fact, there is no leak because the only caller of 'igb_sw_init()'
(i.e. 'igb_probe()'), already frees these resources in case of error,
see [1]
These resources are also freed in 'igb_remove()'.
Best reagrds,
CJ
[1]:
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/tree/drivers/net/ethernet/intel/igb/igb_main.c#n2775
