From c95af254f4943100bfd7acf5f1f816052c8e50e6 Mon Sep 17 00:00:00 2001
From: Norman Feske
Date: Fri, 20 Aug 2021 16:38:33 +0200
Subject: [PATCH] lx_emul: sanitize size 0 for __kmalloc

Driver code such as mfd-core.c may pass 0 as argument n to kcalloc, which eventually results in an allocation size 0.

res = kcalloc(cell->num_resources, sizeof(*res), GFP_KERNEL);

Since 'res' is checked against NULL for success, kmalloc must not return a NULL pointer in this case. The patch works around this issue by forcing an allocation size of 1 byte in this case.

Issue #4253
---
 repos/dde_linux/src/lib/lx_emul/shadow/mm/slub.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/repos/dde_linux/src/lib/lx_emul/shadow/mm/slub.c b/repos/dde_linux/src/lib/lx_emul/shadow/mm/slub.c
index b8c96f8f2c..422efce51b 100644
--- a/repos/dde_linux/src/lib/lx_emul/shadow/mm/slub.c
+++ b/repos/dde_linux/src/lib/lx_emul/shadow/mm/slub.c
@@ -32,8 +32,14 @@ void kfree(const void * x)
 void * __kmalloc(size_t size, gfp_t flags)
 {
+ /* Linux expects a non-NULL return value for size 0 */
+ if (size == 0)
+ size = 1;
+
 /* DMA memory is not implemented yet */
- if (flags & GFP_DMA) lx_emul_trace_and_stop(__func__);
+ if (flags & GFP_DMA)
+ lx_emul_trace_and_stop(__func__);
+
 return lx_emul_mem_alloc(size);
 }
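Review bot: Bumping `size` to 1 at the top of `__kmalloc` hands the caller a real, writable byte, whereas Linux answers a zero-size request with ZERO_SIZE_PTR, a non-NULL value that faults on any dereference. A driver that mistakenly reads or writes through a zero-length allocation would therefore touch a live heap byte here instead of trapping, so that class of bug is masked under the emulation. I would record the difference in the comment, e.g. `/* Linux returns ZERO_SIZE_PTR (non-NULL, faults on access) for size 0; we hand out 1 byte instead, so stray accesses are not caught */`. Separately, kcalloc relies on __GFP_ZERO being honoured and the visible body only tests GFP_DMA, so it is worth confirming that lx_emul_mem_alloc returns zeroed memory.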