Since we cannot make sure the 'data_len' will always be none zero here, and then if 'data_len' equals to zero, the kzalloc() will return ZERO_SIZE_PTR, which equals to ((void *)16). So this patch fix this with just doing the 'data_len' zero check before calling kzalloc(). Signed-off-by: Xiubo Li <Li.Xiubo@xxxxxxxxxxxxx> --- drivers/i2c/i2c-acpi.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/i2c/i2c-acpi.c b/drivers/i2c/i2c-acpi.c index e8b6196..e144c00 100644 --- a/drivers/i2c/i2c-acpi.c +++ b/drivers/i2c/i2c-acpi.c @@ -134,6 +134,9 @@ static int acpi_gsb_i2c_read_bytes(struct i2c_client *client, int ret; u8 *buffer; + if (!data_len) + return -EINVAL; + buffer = kzalloc(data_len, GFP_KERNEL); if (!buffer) return AE_NO_MEMORY; -- 1.8.5 -- To unsubscribe from this list: send the line "unsubscribe linux-i2c" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
