From e12892070184ee782c207f09722a93d0236be955 Mon Sep 17 00:00:00 2001 From: Xiubo Li Date: Mon, 19 May 2014 15:13:45 +0800 Subject: [PATCH] regmap: irq: Fix possible ZERO_SIZE_PTR pointer dereferencing error. Since we cannot make sure the 'chip->num_regs' will always be none zero from the users, and then if 'chip->num_regs' equals to zero by mistake or other reasons, the kzalloc() will return ZERO_SIZE_PTR, which equals to ((void *)16). So this patch fix this with just checking the 'chip->num_regs' before calling kzalloc(). This also sorts the header files in alphabetical order at the same time. Signed-off-by: Xiubo Li Signed-off-by: Mark Brown --- drivers/base/regmap/regmap-irq.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/base/regmap/regmap-irq.c b/drivers/base/regmap/regmap-irq.c index edf88f20cbce..6299a50a5960 100644 --- a/drivers/base/regmap/regmap-irq.c +++ b/drivers/base/regmap/regmap-irq.c @@ -10,13 +10,13 @@ * published by the Free Software Foundation. */ -#include #include -#include -#include +#include #include +#include #include #include +#include #include #include "internal.h" @@ -347,6 +347,9 @@ int regmap_add_irq_chip(struct regmap *map, int irq, int irq_flags, int ret = -ENOMEM; u32 reg; + if (chip->num_regs <= 0) + return -EINVAL; + for (i = 0; i < chip->num_irqs; i++) { if (chip->irqs[i].reg_offset % map->reg_stride) return -EINVAL; -- 2.34.1