[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <1576723530-31381-1-git-send-email-zhangpan26@huawei.com>
Date: Thu, 19 Dec 2019 10:45:30 +0800
From: Pan Zhang <zhangpan26@...wei.com>
To: <benjamin.tissoires@...hat.com>, <jikos@...nel.org>,
<rydberg@...math.org>, <zhangpan26@...wei.com>,
<hushiyuan@...wei.com>
CC: <linux-input@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH v2] drivers/hid/hid-multitouch.c: fix a possible null pointer access.
1002 if ((quirks & MT_QUIRK_IGNORE_DUPLICATES) && mt) {
1003 struct input_mt_slot *i_slot = &mt->slots[slotnum];
1004
1005 if (input_mt_is_active(i_slot) &&
1006 input_mt_is_used(mt, i_slot))
1007 return -EAGAIN;
1008 }
We previously assumed 'mt' could be null (see line 1002).
The following situation is similar, so add a judgement.
Signed-off-by: Pan Zhang <zhangpan26@...wei.com>
---
drivers/hid/hid-multitouch.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/hid/hid-multitouch.c b/drivers/hid/hid-multitouch.c
index 3cfeb16..368de81 100644
--- a/drivers/hid/hid-multitouch.c
+++ b/drivers/hid/hid-multitouch.c
@@ -1019,7 +1019,7 @@ static int mt_process_slot(struct mt_device *td, struct input_dev *input,
tool = MT_TOOL_DIAL;
else if (unlikely(!confidence_state)) {
tool = MT_TOOL_PALM;
- if (!active &&
+ if (!active && mt &&
input_mt_is_active(&mt->slots[slotnum])) {
/*
* The non-confidence was reported for
--
2.7.4
Powered by blists - more mailing lists