[PATCH 2/2] Bluetooth: btrtl: fix incorrect skb allocation failure check
Kai-Heng Feng
kai.heng.feng at canonical.com
Fri Nov 13 16:15:52 UTC 2020
From: Colin Ian King <colin.king at canonical.com>
BugLink: https://bugs.launchpad.net/bugs/1904221
Currently the check for a failed bt_skb_alloc allocation is incorrectly
checking using IS_ERR and this can lead to a null pointer dereference. Fix
this by checking for a null pointer return using the !skb idiom.
Addresses-Coverity: ("Dereference null return")
Fixes: 1996d9cad6ad ("Bluetooth: btrtl: Ask 8821C to drop old firmware")
Signed-off-by: Colin Ian King <colin.king at canonical.com>
Signed-off-by: Marcel Holtmann <marcel at holtmann.org>
(cherry picked from commit f5e8e215869eed6163d5fdd309f0e674a0f23df6 linux-next)
Signed-off-by: Kai-Heng Feng <kai.heng.feng at canonical.com>
---
drivers/bluetooth/btrtl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/bluetooth/btrtl.c b/drivers/bluetooth/btrtl.c
index 37e24bbb2eb4..35fb96dae337 100644
--- a/drivers/bluetooth/btrtl.c
+++ b/drivers/bluetooth/btrtl.c
@@ -598,7 +598,7 @@ struct btrtl_device_info *btrtl_initialize(struct hci_dev *hdev,
cmd[1] = opcode >> 8;
skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL);
- if (IS_ERR(skb))
+ if (!skb)
goto out_free;
skb_put_data(skb, cmd, sizeof(cmd));
--
2.28.0
More information about the kernel-team
mailing list