+ mm-zswap-add-the-flag-can_sleep_mapped-fix-3.patch added to -mm tree

akpm@xxxxxxxxxxxxxxxxxxxx · Thu, 28 Jan 2021 12:49:10 -0800

The patch titled
     Subject: mm/zswap: fix potential uninitialized pointer read on tmp
has been added to the -mm tree.  Its filename is
     mm-zswap-add-the-flag-can_sleep_mapped-fix-3.patch

This patch should soon appear at
    https://ozlabs.org/~akpm/mmots/broken-out/mm-zswap-add-the-flag-can_sleep_mapped-fix-3.patch
and later at
    https://ozlabs.org/~akpm/mmotm/broken-out/mm-zswap-add-the-flag-can_sleep_mapped-fix-3.patch

Before you just go and hit "reply", please:
   a) Consider who else should be cc'ed
   b) Prefer to cc a suitable mailing list as well
   c) Ideally: find the original patch on the mailing list and do a
      reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***

The -mm tree is included into linux-next and is updated
there every 3-4 working days

------------------------------------------------------
From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
Subject: mm/zswap: fix potential uninitialized pointer read on tmp

In the case where zpool_can_sleep_mapped(pool) returns 0 then tmp is not
allocated and tmp is then an uninitialized pointer.  Later if entry is
null, tmp is freed, hence free'ing an uninitialized pointer.  Fix this by
ensuring tmp is initialized to NULL.

Link: https://lkml.kernel.org/r/20210128141728.639030-1-colin.king@xxxxxxxxxxxxx
Addresses-Coverity: ("Uninitialized pointer read")
Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
Cc: Seth Jennings <sjenning@xxxxxxxxxx>
Cc: Dan Streetman <ddstreet@xxxxxxxx>
Cc: Vitaly Wool <vitaly.wool@xxxxxxxxxxxx>
Cc: Tian Tao <tiantao6@xxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 mm/zswap.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/mm/zswap.c~mm-zswap-add-the-flag-can_sleep_mapped-fix-3
+++ a/mm/zswap.c
@@ -935,7 +935,7 @@ static int zswap_writeback_entry(struct
 	struct scatterlist input, output;
 	struct crypto_acomp_ctx *acomp_ctx;
 
-	u8 *src, *tmp;
+	u8 *src, *tmp = NULL;
 	unsigned int dlen;
 	int ret;
 	struct writeback_control wbc = {
_

Patches currently in -mm which might be from colin.king@xxxxxxxxxxxxx are

mm-zswap-add-the-flag-can_sleep_mapped-fix-3.patch







