[PATCH 2/4] mm/damon/sysfs: check contexts->nr before clear_schemes_tried_regions

Next message: Emil Tsalapatis: "Re: [PATCH bpf-next v8 0/8] bpf: Extend the bpf_list family of APIs"
Previous message: Josh Law: "[PATCH 0/4] mm/damon/sysfs: fix resource leak and NULL pointer dereferences"
In reply to: SeongJae Park: "Re: [PATCH 1/4] mm/damon/sysfs: fix param_ctx leak on damon_sysfs_new_test_ctx() failure"
Next in thread: SeongJae Park: "Re: [PATCH 2/4] mm/damon/sysfs: check contexts-&gt;nr before clear_schemes_tried_regions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Josh Law

Date: Thu Mar 19 2026 - 12:22:57 EST

The CLEAR_SCHEMES_TRIED_REGIONS command accesses contexts_arr[0]
without verifying nr_contexts >= 1, causing a NULL pointer dereference
when no context is configured. Add the missing check.

Signed-off-by: Josh Law <objecting@xxxxxxxxxxxxx>
---
mm/damon/sysfs.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/mm/damon/sysfs.c b/mm/damon/sysfs.c
index b573b9d60784..36ad2e8956c9 100644
--- a/mm/damon/sysfs.c
+++ b/mm/damon/sysfs.c
@@ -1769,6 +1769,8 @@ static int damon_sysfs_handle_cmd(enum damon_sysfs_cmd cmd,
case DAMON_SYSFS_CMD_UPDATE_SCHEMES_TRIED_REGIONS:
return damon_sysfs_update_schemes_tried_regions(kdamond, false);
case DAMON_SYSFS_CMD_CLEAR_SCHEMES_TRIED_REGIONS:
+ if (kdamond->contexts->nr != 1)
+ return -EINVAL;
return damon_sysfs_schemes_clear_regions(
kdamond->contexts->contexts_arr[0]->schemes);
case DAMON_SYSFS_CMD_UPDATE_SCHEMES_EFFECTIVE_QUOTAS:
--
2.34.1