Don't actually allocate anything if userspace enqueues a zero-length buffer. Otherwise vmalloc of zero-sized area will be attempted in ffs_build_sg_list().
Signed-off-by: Andrzej Pietrasiewicz <[email protected]> --- drivers/usb/gadget/function/f_fs.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c index 08357c5dd026..5cecfe3e9395 100644 --- a/drivers/usb/gadget/function/f_fs.c +++ b/drivers/usb/gadget/function/f_fs.c @@ -797,6 +797,9 @@ static void *ffs_build_sg_list(struct sg_table *sgt, size_t sz) static inline void *ffs_alloc_buffer(struct ffs_io_data *io_data, size_t data_len) { + if (!data_len) + return ZERO_SIZE_PTR; + if (io_data->use_sg) return ffs_build_sg_list(&io_data->sgt, data_len); @@ -805,7 +808,7 @@ static inline void *ffs_alloc_buffer(struct ffs_io_data *io_data, static inline void ffs_free_buffer(struct ffs_io_data *io_data) { - if (!io_data->buf) + if (ZERO_OR_NULL_PTR(io_data->buf)) return; if (io_data->use_sg) { -- 2.17.1
