[PATCH 05/24] staging: wilc1000: removes potential null dereference

Leo Kim leo.kim at atmel.com
Thu Feb 18 07:27:16 UTC 2016


This patch removes the error reported by smatch.
 - wilc_wfi_cfgoperations.c:674 scan() error:
   potential null dereference 'strHiddenNetwork.net_info'.  (kmalloc returns null)
 - wilc_wfi_cfgoperations.c:1164 add_key() error:
   potential null dereference 'g_key_gtk_params.key'.  (kmalloc returns null)
 - wilc_wfi_cfgoperations.c:1201 add_key() error:
   potential null dereference 'g_key_ptk_params.key'.  (kmalloc returns null)

Signed-off-by: Leo Kim <leo.kim at atmel.com>
---
 drivers/staging/wilc1000/wilc_wfi_cfgoperations.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c b/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
index d4705b7..ce3d0f7 100644
--- a/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
+++ b/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
@@ -665,6 +665,8 @@ static int scan(struct wiphy *wiphy, struct cfg80211_scan_request *request)
 
 		if (request->n_ssids >= 1) {
 			strHiddenNetwork.net_info = kmalloc(request->n_ssids * sizeof(struct hidden_network), GFP_KERNEL);
+			if (!strHiddenNetwork.net_info)
+				return -ENOMEM;
 			strHiddenNetwork.n_ssids = request->n_ssids;
 
 
@@ -1154,6 +1156,8 @@ static int add_key(struct wiphy *wiphy, struct net_device *netdev, u8 key_index,
 					g_key_gtk_params.key_len = params->key_len;
 					g_key_gtk_params.seq_len = params->seq_len;
 					g_key_gtk_params.key =  kmalloc(params->key_len, GFP_KERNEL);
+					if (!g_key_gtk_params.key)
+						return -ENOMEM;
 					memcpy(g_key_gtk_params.key, params->key, params->key_len);
 					if (params->seq_len > 0) {
 						g_key_gtk_params.seq =  kmalloc(params->seq_len, GFP_KERNEL);
@@ -1191,6 +1195,8 @@ static int add_key(struct wiphy *wiphy, struct net_device *netdev, u8 key_index,
 					g_key_ptk_params.key_len = params->key_len;
 					g_key_ptk_params.seq_len = params->seq_len;
 					g_key_ptk_params.key =  kmalloc(params->key_len, GFP_KERNEL);
+					if (!g_key_ptk_params.key)
+						return -ENOMEM;
 					memcpy(g_key_ptk_params.key, params->key, params->key_len);
 					if (params->seq_len > 0) {
 						g_key_ptk_params.seq =  kmalloc(params->seq_len, GFP_KERNEL);
-- 
1.9.1



More information about the devel mailing list