1 From foo@baz Mon Apr 15 07:47:06 CEST 2019
2 From: Li RongQing <lirongqing@baidu.com>
3 Date: Fri, 29 Mar 2019 09:18:02 +0800
4 Subject: net: ethtool: not call vzalloc for zero sized memory request
6 From: Li RongQing <lirongqing@baidu.com>
8 [ Upstream commit 3d8830266ffc28c16032b859e38a0252e014b631 ]
10 NULL or ZERO_SIZE_PTR will be returned for zero sized memory
11 request, and derefencing them will lead to a segfault
13 so it is unnecessory to call vzalloc for zero sized memory
14 request and not call functions which maybe derefence the
17 this also fixes a possible memory leak if phy_ethtool_get_stats
18 returns error, memory should be freed before exit
20 Signed-off-by: Li RongQing <lirongqing@baidu.com>
21 Reviewed-by: Wang Li <wangli39@baidu.com>
22 Reviewed-by: Michal Kubecek <mkubecek@suse.cz>
23 Signed-off-by: David S. Miller <davem@davemloft.net>
24 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
26 net/core/ethtool.c | 43 +++++++++++++++++++++++++++----------------
27 1 file changed, 27 insertions(+), 16 deletions(-)
29 --- a/net/core/ethtool.c
30 +++ b/net/core/ethtool.c
31 @@ -1815,11 +1815,15 @@ static int ethtool_get_strings(struct ne
35 - data = vzalloc(gstrings.len * ETH_GSTRING_LEN);
36 - if (gstrings.len && !data)
39 + data = vzalloc(gstrings.len * ETH_GSTRING_LEN);
43 - __ethtool_get_strings(dev, gstrings.string_set, data);
44 + __ethtool_get_strings(dev, gstrings.string_set, data);
50 if (copy_to_user(useraddr, &gstrings, sizeof(gstrings)))
51 @@ -1915,11 +1919,14 @@ static int ethtool_get_stats(struct net_
54 stats.n_stats = n_stats;
55 - data = vzalloc(n_stats * sizeof(u64));
56 - if (n_stats && !data)
59 - ops->get_ethtool_stats(dev, &stats, data);
61 + data = vzalloc(n_stats * sizeof(u64));
64 + ops->get_ethtool_stats(dev, &stats, data);
70 if (copy_to_user(useraddr, &stats, sizeof(stats)))
71 @@ -1955,13 +1962,17 @@ static int ethtool_get_phy_stats(struct
74 stats.n_stats = n_stats;
75 - data = vzalloc(n_stats * sizeof(u64));
76 - if (n_stats && !data)
79 - mutex_lock(&phydev->lock);
80 - phydev->drv->get_stats(phydev, &stats, data);
81 - mutex_unlock(&phydev->lock);
83 + data = vzalloc(n_stats * sizeof(u64));
87 + mutex_lock(&phydev->lock);
88 + phydev->drv->get_stats(phydev, &stats, data);
89 + mutex_unlock(&phydev->lock);
95 if (copy_to_user(useraddr, &stats, sizeof(stats)))