If bus = kzalloc() fails then we end up dereferencing bus when we do
"bus->irq[i] = PHY_POLL;". The code is a little simpler if we reverse
the NULL check and return directly on failure.
Fixes: e7f4dc3536a4 ('mdio: Move allocation of interrupts into core')
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
diff --git a/drivers/net/phy/mdio_bus.c b/drivers/net/phy/mdio_bus.c
index 0be7b3d..0cba64f 100644
--- a/drivers/net/phy/mdio_bus.c
+++ b/drivers/net/phy/mdio_bus.c
@@ -102,11 +102,12 @@ struct mii_bus *mdiobus_alloc_size(size_t size)
alloc_size = sizeof(*bus);
bus = kzalloc(alloc_size, GFP_KERNEL);
- if (bus) {
- bus->state = MDIOBUS_ALLOCATED;
- if (size)
- bus->priv = (void *)bus + aligned_size;
- }
+ if (!bus)
+ return NULL;
+
+ bus->state = MDIOBUS_ALLOCATED;
+ if (size)
+ bus->priv = (void *)bus + aligned_size;
/* Initialise the interrupts to polling */
for (i = 0; i < PHY_MAX_ADDR; i++)
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
