lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200407063310.85466-1-alexandru.ardelean@analog.com>
Date:   Tue, 7 Apr 2020 09:33:10 +0300
From:   Alexandru Ardelean <alexandru.ardelean@...log.com>
To:     <linux-iio@...r.kernel.org>, <linux-kernel@...r.kernel.org>
CC:     <jic23@...nel.org>, <alexandru.tachici@...log.com>,
        Alexandru Ardelean <alexandru.ardelean@...log.com>
Subject: [PATCH v2] iio: adc: ad7192: fix null pointer de-reference crash during probe

When the 'spi_device_id' table was removed, it omitted to cleanup/fix the
assignment:
  'indio_dev->name = spi_get_device_id(spi)->name;'

After that patch 'spi_get_device_id(spi)' returns NULL, so this crashes
during probe with null de-ref.

This change assigns the 'compatible' string from the DT table, as the new
'indio_dev->name'. As such, the new device/part name now looks like
'adi,ad719x', and now has the vendor prefix.

Note that this change is not doing any NULL check to the return value of
'of_match_device()'. This shouldn't happen, and if it does it's likely a
framework error on the probe side.

Fixes: 66614ab2be38 ("staging: iio: adc: ad7192: removed spi_device_id")
Signed-off-by: Alexandru Ardelean <alexandru.ardelean@...log.com>
---

Changelog v1 -> v2:
* fix colon for Fixes tag
* updated commit title a bit; to make it longer

 drivers/iio/adc/ad7192.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/drivers/iio/adc/ad7192.c b/drivers/iio/adc/ad7192.c
index 8ec28aa8fa8a..0039a45e1f33 100644
--- a/drivers/iio/adc/ad7192.c
+++ b/drivers/iio/adc/ad7192.c
@@ -888,6 +888,7 @@ MODULE_DEVICE_TABLE(of, ad7192_of_match);
 
 static int ad7192_probe(struct spi_device *spi)
 {
+	const struct of_device_id *of_id;
 	struct ad7192_state *st;
 	struct iio_dev *indio_dev;
 	int ret, voltage_uv = 0;
@@ -937,10 +938,12 @@ static int ad7192_probe(struct spi_device *spi)
 		goto error_disable_avdd;
 	}
 
+	of_id = of_match_device(ad7192_of_match, &spi->dev);
+
 	spi_set_drvdata(spi, indio_dev);
-	st->devid = (unsigned long)of_device_get_match_data(&spi->dev);
+	st->devid = (unsigned long)of_id->data;
 	indio_dev->dev.parent = &spi->dev;
-	indio_dev->name = spi_get_device_id(spi)->name;
+	indio_dev->name = of_id->compatible;
 	indio_dev->modes = INDIO_DIRECT_MODE;
 
 	ret = ad7192_channels_config(indio_dev);
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ