On Thu, Nov 02, 2023 at 02:01:44PM +0530, Anshuman Khandual wrote: > On 11/2/23 13:22, Dan Carpenter wrote: > > desc.pdata = devm_kzalloc(dev, sizeof(*desc.pdata), GFP_KERNEL); > > - if (IS_ERR(desc.pdata)) > > + if (!desc.pdata) > > Although this might not be applicable here, given the input size is always > valid, devm_kzalloc() might also return ZERO_SIZE_PTR as well. > > /* > * ZERO_SIZE_PTR will be returned for zero sized kmalloc requests. > * > * Dereferencing ZERO_SIZE_PTR will lead to a distinct access fault. > * > * ZERO_SIZE_PTR can be passed to kfree though in the same way that NULL can. > * Both make kfree a no-op. > */ > #define ZERO_SIZE_PTR ((void *)16) > > #define ZERO_OR_NULL_PTR(x) ((unsigned long)(x) <= \ > (unsigned long)ZERO_SIZE_PTR) > > Hence should ZERO_OR_NULL_PTR() check be used instead ? It doesn't apply here and generally you should validate the size instead of using ZERO_OR_NULL_PTR(). The ZERO_SIZE_PTR is actually a really kind of magical innovation because it lets you allocate zero element arrays successfully. So kmalloc() should just be checked for NULL because you normally want zero element arrays to work without creating a special case for that. If not, then check the size before the allocation. The big problem with zero element arrays is in strings. People do stuff like. str = kmalloc(size); <-- size is zero from the user copy_from_user(str, buf, size); str[size - 1] = '\0'; <-- crash Better to do: str = strndup_user(buf, size); regards, dan carpenter
