wifi: rtw89: coex: check NULL return of kmalloc in btc_fw_set_monreg()

kmalloc may fail, return value might be NULL and will cause
NULL pointer dereference. Add check NULL return of kmalloc in
btc_fw_set_monreg().

Signed-off-by: Pei Xiao <xiaopei01@kylinos.cn>
Fixes: b952cb0a6e2d ("wifi: rtw89: coex: Add register monitor report v7 format")
Signed-off-by: Ping-Ke Shih <pkshih@realtek.com>
Link: https://patch.msgid.link/516a91f3997534f708af43c7592cbafdd53dd599.1730253508.git.xiaopei01@kylinos.cn

diff --git a/drivers/net/wireless/realtek/rtw89/coex.c b/drivers/net/wireless/realtek/rtw89/coex.c
index 8a65722dd1fd48e26e5f55540ba4ec4b8eecf591..8398bd007aaf86fc0db82b289143fc0c617db120 100644 (file)
--- a/drivers/net/wireless/realtek/rtw89/coex.c
+++ b/drivers/net/wireless/realtek/rtw89/coex.c
@@ -2507,6 +2507,8 @@ static void btc_fw_set_monreg(struct rtw89_dev *rtwdev)
        if (ver->fcxmreg == 7) {
                sz = struct_size(v7, regs, n);
                v7 = kmalloc(sz, GFP_KERNEL);
+               if (!v7)
+                       return;
                v7->type = RPT_EN_MREG;
                v7->fver = ver->fcxmreg;
                v7->len = n;
@@ -2521,6 +2523,8 @@ static void btc_fw_set_monreg(struct rtw89_dev *rtwdev)
        } else {
                sz = struct_size(v1, regs, n);
                v1 = kmalloc(sz, GFP_KERNEL);
+               if (!v1)
+                       return;
                v1->fver = ver->fcxmreg;
                v1->reg_num = n;
                memcpy(v1->regs, chip->mon_reg, flex_array_size(v1, regs, n));