Re: [PATCH] chtls_cm.c: fix missing return value check of alloc_skb()

[Herbert Xu]

Jiecheng Wu  wrote:
> Function chtls_close_conn() defined in 
> drivers/crypto/chelsio/chtls/chtls_cm.c calls alloc_skb() to allocate memory 
> for struct sk_buff which is dereferenced immediately. As alloc_skb() may 
> return NULL on failure, this code piece may cause NULL pointer dereference 
> bug.

Please add a sign-off.  You can refer to

Documentation/process/submitting-patches.rst

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

[PATCH] chtls_cm.c: fix missing return value check of alloc_skb()

[Jiecheng Wu]

Function chtls_close_conn() defined in drivers/crypto/chelsio/chtls/chtls_cm.c 
calls alloc_skb() to allocate memory for struct sk_buff which is dereferenced 
immediately. As alloc_skb() may return NULL on failure, this code piece may 
cause NULL pointer dereference bug.
---
 drivers/crypto/chelsio/chtls/chtls_cm.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/crypto/chelsio/chtls/chtls_cm.c 
b/drivers/crypto/chelsio/chtls/chtls_cm.c
index 0997e16..0e8eec6 100644
--- a/drivers/crypto/chelsio/chtls/chtls_cm.c
+++ b/drivers/crypto/chelsio/chtls/chtls_cm.c
@@ -267,6 +267,8 @@ static void chtls_close_conn(struct sock *sk)
tid = csk->tid;
 
skb = alloc_skb(len, GFP_KERNEL | __GFP_NOFAIL);
+   if (!skb)
+   return -ENOMEM;
req = (struct cpl_close_con_req *)__skb_put(skb, len);
memset(req, 0, len);
req->wr.wr_hi = htonl(FW_WR_OP_V(FW_TP_WR) |
-- 
2.6.4