On Thu, Jun 02, 2016 at 10:59:56AM +0800, Xiubo Li wrote: > Since we cannot make sure that the 'hook_mask' will always be none > zero here. If it equals to zero, the num_hooks will be zero too, > and then kmalloc() will return ZERO_SIZE_PTR, which is (void *)16. > > Then the following error check will fails: > ops = kmalloc(sizeof(*ops) * num_hooks, GFP_KERNEL); > if (ops == NULL) > return ERR_PTR(-ENOMEM); > > So this patch will fix this with just doing the zero check before > kmalloc() is called. > > Maybe the case above will never happen here, but in theory. Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html