| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 6 Apr 2020 15:31:09 +0300
From: Alexandru Ardelean <alexandru.ardelean@...log.com>
To: <linux-iio@...r.kernel.org>, <linux-kernel@...r.kernel.org>
CC: <jic23@...nel.org>, <alexandru.tachici@...log.com>,
Alexandru Ardelean <alexandru.ardelean@...log.com>
Subject: [PATCH] iio: adc: ad7192: fix null de-ref crash during probe
When the 'spi_device_id' table was removed, it omitted to cleanup/fix the
assignment:
'indio_dev->name = spi_get_device_id(spi)->name;'
After that patch 'spi_get_device_id(spi)' returns NULL, so this crashes
during probe with null de-ref.
This change assigns the 'compatible' string from the DT table, as the new
'indio_dev->name'. As such, the new device/part name now looks like
'adi,ad719x', and now has the vendor prefix.
Note that this change is not doing any NULL check to the return value of
'of_match_device()'. This shouldn't happen, and if it does it's likely a
framework error on the probe side.
Fixes 66614ab2be38: ("staging: iio: adc: ad7192: removed spi_device_id")
Signed-off-by: Alexandru Ardelean <alexandru.ardelean@...log.com>
---
drivers/iio/adc/ad7192.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/drivers/iio/adc/ad7192.c b/drivers/iio/adc/ad7192.c
index 8ec28aa8fa8a..0039a45e1f33 100644
--- a/drivers/iio/adc/ad7192.c
+++ b/drivers/iio/adc/ad7192.c
@@ -888,6 +888,7 @@ MODULE_DEVICE_TABLE(of, ad7192_of_match);
static int ad7192_probe(struct spi_device *spi)
{
+ const struct of_device_id *of_id;
struct ad7192_state *st;
struct iio_dev *indio_dev;
int ret, voltage_uv = 0;
@@ -937,10 +938,12 @@ static int ad7192_probe(struct spi_device *spi)
goto error_disable_avdd;
}
+ of_id = of_match_device(ad7192_of_match, &spi->dev);
+
spi_set_drvdata(spi, indio_dev);
- st->devid = (unsigned long)of_device_get_match_data(&spi->dev);
+ st->devid = (unsigned long)of_id->data;
indio_dev->dev.parent = &spi->dev;
- indio_dev->name = spi_get_device_id(spi)->name;
+ indio_dev->name = of_id->compatible;
indio_dev->modes = INDIO_DIRECT_MODE;
ret = ad7192_channels_config(indio_dev);
--
2.17.1
Powered by blists - more mailing lists