ALSA: usb - driver neglects kmalloc return value check and may deref NULL

sound/usb/pcm.c::snd_usb_pcm_check_knot() fails to check the return value
from kmalloc() and may end up dereferencing a null pointer.
The patch below (compile tested only) should take care of that little
problem.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

diff --git a/sound/usb/pcm.c b/sound/usb/pcm.c
index cff3a3c465d736f17d73a4cf6c01c54c936469c3..4132522ac90f8c88da831b68f9cbdf777131de8e 100644 (file)
--- a/sound/usb/pcm.c
+++ b/sound/usb/pcm.c
@@ -676,8 +676,10 @@ static int snd_usb_pcm_check_knot(struct snd_pcm_runtime *runtime,
        if (!needs_knot)
                return 0;
 
-       subs->rate_list.count = count;
        subs->rate_list.list = kmalloc(sizeof(int) * count, GFP_KERNEL);
+       if (!subs->rate_list.list)
+               return -ENOMEM;
+       subs->rate_list.count = count;
        subs->rate_list.mask = 0;
        count = 0;
        list_for_each_entry(fp, &subs->fmt_list, list) {