Arrays can not have zero elements by definition of the unified device properties. If such property comes from outside we should not allow it to pass. Otherwise memory allocation on 0 length will return non-NULL value, which we currently don't check. Prevent memory allocations of 0 length. Signed-off-by: Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx> --- drivers/base/property.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/base/property.c b/drivers/base/property.c index b3429cc..c359351 100644 --- a/drivers/base/property.c +++ b/drivers/base/property.c @@ -653,6 +653,9 @@ int fwnode_property_match_string(struct fwnode_handle *fwnode, if (nval < 0) return nval; + if (nval == 0) + return -ENODATA; + values = kcalloc(nval, sizeof(*values), GFP_KERNEL); if (!values) return -ENOMEM; @@ -718,6 +721,9 @@ static int pset_copy_entry(struct property_entry *dst, return -ENOMEM; if (src->is_array) { + if (!src->length) + return -ENODATA; + if (src->is_string) { nval = src->length / sizeof(const char *); dst->pointer.str = kcalloc(nval, sizeof(const char *), -- 2.6.4 -- To unsubscribe from this list: send the line "unsubscribe linux-acpi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html