Hi John,
The alloc_skb function returns NULL on error. So, test this case and avoid a NULL dereference (skb->data).
Addresses-Coverity-ID: 1484718 ("Dereference null return value") Fixes: afd2daa26c7ab ("Bluetooth: Add support for virtio transport driver") Signed-off-by: John Wood john.wood@gmx.com
drivers/bluetooth/virtio_bt.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/drivers/bluetooth/virtio_bt.c b/drivers/bluetooth/virtio_bt.c index c804db7e90f8..5f82574236c0 100644 --- a/drivers/bluetooth/virtio_bt.c +++ b/drivers/bluetooth/virtio_bt.c @@ -34,6 +34,8 @@ static int virtbt_add_inbuf(struct virtio_bluetooth *vbt) int err;
skb = alloc_skb(1000, GFP_KERNEL);
- if (!skb)
sg_init_one(sg, skb->data, 1000);return -ENOMEM;
this is already fixed.
Author: Colin Ian King colin.king@canonical.com Date: Fri Apr 9 17:53:14 2021 +0100
Bluetooth: virtio_bt: add missing null pointer check on alloc_skb call return
The call to alloc_skb with the GFP_KERNEL flag can return a null sk_buff pointer, so add a null check to avoid any null pointer deference issues.
Addresses-Coverity: ("Dereference null return value") Fixes: afd2daa26c7a ("Bluetooth: Add support for virtio transport driver") Signed-off-by: Colin Ian King colin.king@canonical.com Signed-off-by: Marcel Holtmann marcel@holtmann.org
Regards
Marcel