On 1/28/22 19:11, Greg KH wrote: > On Tue, Jan 25, 2022 at 12:45:25AM +0800, Zhou Qingyang wrote: >> In __pata_platform_probe(), devm_kzalloc() is assigned to ap->ops and >> there is a dereference of it right after that, which could introduce a >> NULL pointer dereference bug. >> >> Fix this by adding a NULL check of ap->ops. >> >> This bug was found by a static analyzer. >> >> Builds with 'make allyesconfig' show no new warnings, >> and our static analyzer no longer warns about this code. >> >> Fixes: f3d5e4f18dba ("ata: pata_of_platform: Allow to use 16-bit wide data transfer") >> Signed-off-by: Zhou Qingyang <zhou1615@xxxxxxx> >> --- > > As stated in the past, please do not make contributions to the Linux > kernel until umn.edu has properly resolved its development issues. Aouch. My apologies. I forgot about this. Thank you for the reminder. > >> The analysis employs differential checking to identify inconsistent >> security operations (e.g., checks or kfrees) between two code paths >> and confirms that the inconsistent operations are not recovered in the >> current function or the callers, so they constitute bugs. >> >> Note that, as a bug found by static analysis, it can be a false >> positive or hard to trigger. Multiple researchers have cross-reviewed >> the bug. >> >> drivers/ata/pata_platform.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/drivers/ata/pata_platform.c b/drivers/ata/pata_platform.c >> index 028329428b75..021ef9cbcbc1 100644 >> --- a/drivers/ata/pata_platform.c >> +++ b/drivers/ata/pata_platform.c >> @@ -128,6 +128,8 @@ int __pata_platform_probe(struct device *dev, struct resource *io_res, >> ap = host->ports[0]; >> >> ap->ops = devm_kzalloc(dev, sizeof(*ap->ops), GFP_KERNEL); >> + if (ap->ops) >> + return -ENOMEM; > > This change seems to leak memory. Damien, please revert it. I fixed the patch when applying, so there is no leak. This is a genuine (potential) bug fix. Must I revert ? Is the "no contribution from umn.edu" an unbreakable rule ? > > thanks, > > greg k-h -- Damien Le Moal Western Digital Research