parse_synth_field() returns a pointer and requires that errors get
surrounded by ERR_PTR(). The ret variable is initialized to zero, but should
never be used as zero, and if it is, it could cause a false return code and
produce a NULL pointer dereference. It makes no sense to set ret to zero.
Set ret to -ENOMEM (the most common error case), and have any other errors
set it to something else. This removes the need to initialize ret on *every*
error branch.
Fixes:
761a8c58db6b ("tracing, synthetic events: Replace buggy strcat() with seq_buf operations")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
{
struct synth_field *field;
const char *prefix = NULL, *field_type = argv[0], *field_name, *array;
{
struct synth_field *field;
const char *prefix = NULL, *field_type = argv[0], *field_name, *array;
+ int len, ret = -ENOMEM;
struct seq_buf s;
ssize_t size;
struct seq_buf s;
ssize_t size;
len--;
field->name = kmemdup_nul(field_name, len, GFP_KERNEL);
len--;
field->name = kmemdup_nul(field_name, len, GFP_KERNEL);
- if (!field->name) {
- ret = -ENOMEM;
if (!is_good_name(field->name)) {
synth_err(SYNTH_ERR_BAD_NAME, errpos(field_name));
ret = -EINVAL;
if (!is_good_name(field->name)) {
synth_err(SYNTH_ERR_BAD_NAME, errpos(field_name));
ret = -EINVAL;
len += strlen(prefix);
field->type = kzalloc(len, GFP_KERNEL);
len += strlen(prefix);
field->type = kzalloc(len, GFP_KERNEL);
- if (!field->type) {
- ret = -ENOMEM;
seq_buf_init(&s, field->type, len);
if (prefix)
seq_buf_puts(&s, prefix);
seq_buf_init(&s, field->type, len);
if (prefix)
seq_buf_puts(&s, prefix);
}
if (WARN_ON_ONCE(!seq_buf_buffer_left(&s)))
goto free;
}
if (WARN_ON_ONCE(!seq_buf_buffer_left(&s)))
goto free;
s.buffer[s.len] = '\0';
size = synth_field_size(field->type);
s.buffer[s.len] = '\0';
size = synth_field_size(field->type);
len = sizeof("__data_loc ") + strlen(field->type) + 1;
type = kzalloc(len, GFP_KERNEL);
len = sizeof("__data_loc ") + strlen(field->type) + 1;
type = kzalloc(len, GFP_KERNEL);
- if (!type) {
- ret = -ENOMEM;
seq_buf_init(&s, type, len);
seq_buf_puts(&s, "__data_loc ");
seq_buf_init(&s, type, len);
seq_buf_puts(&s, "__data_loc ");