mm/z3fold: fix possible null pointer dereferencing

alloc_slots could fail to allocate memory under heavy memory pressure. So we should check zhdr->slots against NULL to avoid future null pointer dereferencing. Link: https://lkml.kernel.org/r/[email protected] Fixes: fc54886 ("z3fold: simplify freeing slots") Signed-off-by: Miaohe Lin <[email protected]> Reviewed-by: Vitaly Wool <[email protected]> Signed-off-by: Andrew Morton <[email protected]>
nbdd0121 · May 27, 2022 · 7c61c35 · 7c61c35
1 parent 4c6bdb3
commit 7c61c35
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/mm/z3fold.c b/mm/z3fold.c
@@ -940,9 +940,19 @@ static inline struct z3fold_header *__z3fold_alloc(struct z3fold_pool *pool,
 		}
 	}
 
-	if (zhdr && !zhdr->slots)
+	if (zhdr && !zhdr->slots) {
 		zhdr->slots = alloc_slots(pool, GFP_ATOMIC);
+		if (!zhdr->slots)
+			goto out_fail;
+	}
 	return zhdr;
+
+out_fail:
+	if (!kref_put(&zhdr->refcount, release_z3fold_page_locked)) {
+		add_to_unbuddied(pool, zhdr);
+		z3fold_page_unlock(zhdr);
+	}
+	return NULL;
 }
 
 /*