[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <556B8E0D.8020703@canonical.com>
Date: Sun, 31 May 2015 23:41:17 +0100
From: Colin Ian King <colin.king@...onical.com>
To: Sergei Shtylyov <sergei.shtylyov@...entembedded.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Laurent Pinchart <laurent.pinchart@...asonboard.com>,
Felipe Balbi <balbi@...com>,
Sudeep Holla <sudeep.holla@....com>, linux-usb@...r.kernel.org
CC: linux-kernel@...r.kernel.org
Subject: Re: [PATCH] usb: isp1760: fix null dereference if kzalloc returns
null
On 31/05/15 23:15, Sergei Shtylyov wrote:
> Hello.
>
> On 06/01/2015 01:00 AM, Colin King wrote:
>
>> From: Colin Ian King <colin.king@...onical.com>
>
>> If kzalloc returns null then isp1760_ep_alloc_request performs
>> a null pointer deference on req.
>
> Dereference, not "deference".
Shall I send v2 for this stupid typo then?
> No, it doesn't. It calculates the address of the
> 'isp1760_request::req' instead, there's no dereference per se. I suppose
> this is a first member of the structure, so this function should work
> correctly in any case.
Well, for now it's the first member, but can we assume that will apply
forever? As it stands, other *_alloc_request() functions in all the
other usb drivers check for the NULL, so this fix just aligns the code
with all of these other drivers.
>
>> Check for null to avoid this.
>
>> Detected with smatch static analysis:
>>
>> drivers/usb/isp1760/isp1760-udc.c:816 isp1760_ep_alloc_request()
>> error: potential null dereference 'req'. (kzalloc returns null)
>
> Well, the change won't hurt anyway, makes things clearer.
>
>> Signed-off-by: Colin Ian King <colin.king@...onical.com>
>
> WBR, Sergei
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists