power: supply: max17040: fix null-ptr-deref in max17040_probe()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Add check the return value of devm_regmap_init_i2c(), otherwise
later access may cause null-ptr-deref as follows:

KASAN: null-ptr-deref in range [0x0000000000000360-0x0000000000000367]
RIP: 0010:regmap_read+0x33/0x170
Call Trace:
max17040_probe+0x61b/0xff0 [max17040_battery]
? write_comp_data+0x2a/0x90
? max17040_set_property+0x1d0/0x1d0 [max17040_battery]
? tracer_hardirqs_on+0x33/0x520
? __sanitizer_cov_trace_pc+0x1d/0x50
? _raw_spin_unlock_irqrestore+0x4b/0x60
? trace_hardirqs_on+0x63/0x2d0
? write_comp_data+0x2a/0x90
? __sanitizer_cov_trace_pc+0x1d/0x50
? max17040_set_property+0x1d0/0x1d0 [max17040_battery]
i2c_device_probe+0xa31/0xbe0

Fixes: 6455a8a84bdf ("power: supply: max17040: Use regmap i2c")
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com>
Signed-off-by: Sebastian Reichel <sebastian.reichel@collabora.com>

authored by

Yang Yingliang and committed by

Sebastian Reichel 4 years ago 1d422ecf bf895295

1 changed file

expand all

drivers

power

supply

max17040_battery.c

drivers/power/supply/max17040_battery.c

··· 449 449 450 450 chip->client = client; 451 451 chip->regmap = devm_regmap_init_i2c(client, &max17040_regmap); 452 + if (IS_ERR(chip->regmap)) 453 + return PTR_ERR(chip->regmap); 452 454 chip_id = (enum chip_id) id->driver_data; 453 455 if (client->dev.of_node) { 454 456 ret = max17040_get_of_data(chip);