Don't actually allocate anything if userspace enqueues a zero-length
buffer. Otherwise vmalloc of zero-sized area will be attempted in
ffs_build_sg_list().
Signed-off-by: Andrzej Pietrasiewicz <andrzej.p@xxxxxxxxxxxxx>
---
drivers/usb/gadget/function/f_fs.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c
index 08357c5dd026..5cecfe3e9395 100644
--- a/drivers/usb/gadget/function/f_fs.c
+++ b/drivers/usb/gadget/function/f_fs.c
@@ -797,6 +797,9 @@ static void *ffs_build_sg_list(struct sg_table *sgt, size_t sz)
static inline void *ffs_alloc_buffer(struct ffs_io_data *io_data,
size_t data_len)
{
+ if (!data_len)
+ return ZERO_SIZE_PTR;
+
if (io_data->use_sg)
return ffs_build_sg_list(&io_data->sgt, data_len);
@@ -805,7 +808,7 @@ static inline void *ffs_alloc_buffer(struct ffs_io_data *io_data,
static inline void ffs_free_buffer(struct ffs_io_data *io_data)
{
- if (!io_data->buf)
+ if (ZERO_OR_NULL_PTR(io_data->buf))
return;
if (io_data->use_sg) {
--
2.17.1
