On Wed, 2017-05-10 at 22:40 +0300, Dan Carpenter wrote:
> In the current code we accidentally return the successful result from
> idr_alloc() instead of a negative error pointer. The caller is
> looking
> for an error pointer and so it treats the returned value as a valid
> pointer.
>
> This one might be a bit serious because if it lets people get around
> the
> kernel's protection for remapping NULL. I'm not sure.
>
> Fixes: 75d2364ea0ca ("PowerCap: Add class driver")
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Reviewed-by: Srinivas Pandruvada <srinivas.pandruvada@xxxxxxxxxxxxxxx>
>
> diff --git a/drivers/powercap/powercap_sys.c
> b/drivers/powercap/powercap_sys.c
> index 14bde0db8c24..5b10b50f8686 100644
> --- a/drivers/powercap/powercap_sys.c
> +++ b/drivers/powercap/powercap_sys.c
> @@ -538,6 +538,7 @@ struct powercap_zone *powercap_register_zone(
>
> power_zone->id = result;
> idr_init(&power_zone->idr);
> + result = -ENOMEM;
> power_zone->name = kstrdup(name, GFP_KERNEL);
> if (!power_zone->name)
> goto err_name_alloc;
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
