ACPI / tables: Fix a NULL pointer dereference in acpi_table_initrd_ov…

…erride() In acpi_table_initrd_override(), the return value of acpi_os_map_memory() is assigned to table and there is a dereference of it after that. acpi_os_map_memory() will return NULL on failure, which may lead to NULL pointer dereference. Fix this bug by adding a NULL check of table. This bug was found by a static analyzer. Builds with 'make allyesconfig' show no new warnings, and our static analyzer no longer warns about this code. Fixes: 5ae74f2 ("ACPI / tables: Move table override mechanisms to tables.c") Signed-off-by: Zhou Qingyang <zhou1615@umn.edu>
0day-ci · Jan 24, 2022 · 924d4e212d2041e2af120ade3599fdc00e0b12fd · 924d4e2
1 parent c83f3ae
commit 924d4e212d2041e2af120ade3599fdc00e0b12fd
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/drivers/acpi/tables.c b/drivers/acpi/tables.c
@@ -706,6 +706,10 @@ static void __init acpi_table_initrd_scan(void)
 	while (table_offset + ACPI_HEADER_SIZE <= all_tables_size) {
 		table = acpi_os_map_memory(acpi_tables_addr + table_offset,
 					   ACPI_HEADER_SIZE);
+		if (!table) {
+			return AE_NO_MEMORY;
+		}
+
 		if (table_offset + table->length > all_tables_size) {
 			acpi_os_unmap_memory(table, ACPI_HEADER_SIZE);
 			WARN_ON(1);