When checking new_vma limits to ensure they are not within where the copy of the vma will be placed, ensure new_vma is not NULL. Fixes: ded0cf440d9b (mm: remove the vma linked list) Reported-by: Yu Zhao <yuzhao@xxxxxxxxxx> Signed-off-by: Liam R. Howlett <Liam.Howlett@xxxxxxxxxx> --- mm/mmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/mmap.c b/mm/mmap.c index dacc01b0126a..9eb663cde5c7 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -3293,7 +3293,7 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, } new_vma = find_vma_prev(mm, addr, &prev); - if (new_vma->vm_start < addr + len) + if (new_vma && new_vma->vm_start < addr + len) return NULL; /* should never get here */ new_vma = vma_merge(mm, prev, addr, addr + len, vma->vm_flags, -- 2.35.1
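Review bot: The guard `if (new_vma && new_vma->vm_start < addr + len)` is correct, but neither the hunk nor the commit message says why find_vma_prev() can now hand back NULL here (no VMA at or above addr), which is what makes the NULL dereference reachable; please state that in the commit message and consider a one-line comment above the check, since the `/* should never get here */` remark only covers the overlap case and a reader may otherwise assume the NULL branch is the unexpected one. It is also worth a comment that the NULL-return path still relies on `prev` having been filled in by find_vma_prev(), because the very next line passes `prev` into vma_merge(mm, prev, addr, addr + len, vma->vm_flags, ...) regardless of whether new_vma was found.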