From: Colin King <colin.king@xxxxxxxxxxxxx>
Date: Wed, 1 Aug 2018 17:39:47 +0100
> From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
>
> If skb fails to be allocated with the call to build_skb then a
> null pointer dereference will occur on the call to skb_reserve.
> Fix this by checking for a null skb and returning NULL.
>
> Detected by CoverityScan, CID#1469485 ("Dereference null return value")
>
> Fixes: 8a8633978b84 ("qede: Add build_skb() support.")
> Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
This is in no way sufficient.
The caller doesn't check the return value, so you're just pushing
the problem one function level up.
In fact, the caller is going to take a reference on the page
whether this returns NULL or not, thus leaking that memory.
The whole call chain needs to be fixed to handle build_skb()
errors, not just this one function.
Thanks.
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
