'Re: [PATCH 1/1] Input: cyttsp - Fix check after pointer dereferencing'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-input
Subject:    Re: [PATCH 1/1] Input: cyttsp - Fix check after pointer dereferencing
From:       Javier Martinez Canillas <javier () dowhile0 ! org>
Date:       2012-02-23 12:33:09
Message-ID: CABxcv=mYjk+kFkT-bWfLgda3GAy5HhSoCsg+H6iFbJTg1FZLfg () mail ! gmail ! com
[Download RAW message or body]

On Wed, Feb 15, 2012 at 11:42 AM, Javier Martinez Canillas
<javier@dowhile0.org> wrote:
> From: Javier Martinez Canillas <martinez.javier@dowhile0.org>
>
> In the cyttsp_probe() function the struct device *dev pointer was
> dereferenced before checking if it was NULL.
>
> Now dev is never NULL since both I2C and SPI bus drivers pass a pointer to a
> member of an previously allocated structure. But others bus drivers can do
> it differently so is better to sanity check instead of trust in the callers.
>
> Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
> Signed-off-by: Javier Martinez Canillas <javier@dowhile0.org>
> ---
>  drivers/input/touchscreen/cyttsp_core.c |   11 +++++++++--
>  1 files changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/input/touchscreen/cyttsp_core.c b/drivers/input/touchscreen/cyttsp_core.c
> index 8be2247..071e5ae8 100644
> --- a/drivers/input/touchscreen/cyttsp_core.c
> +++ b/drivers/input/touchscreen/cyttsp_core.c
> @@ -518,12 +518,19 @@ static void cyttsp_close(struct input_dev *dev)
>  struct cyttsp *cyttsp_probe(const struct cyttsp_bus_ops *bus_ops,
>                            struct device *dev, int irq, size_t xfer_buf_size)
>  {
> -       const struct cyttsp_platform_data *pdata = dev->platform_data;
> +       const struct cyttsp_platform_data *pdata;
>        struct cyttsp *ts;
>        struct input_dev *input_dev;
>        int error;
>
> -       if (!dev || !bus_ops || !pdata || !pdata->name || irq <= 0) {
> +       if (!dev || !bus_ops || !dev->platform_data || irq <= 0) {
> +               error = -EINVAL;
> +               goto err_out;
> +       }
> +
> +       pdata = dev->platform_data;
> +
> +       if (!pdata->name) {
>                error = -EINVAL;
>                goto err_out;
>        }
> --
> 1.7.7.6
>

Hello,

Any feedback on this?

Is not a bug with today cyttsp driver since both I2C and SPI transport
drivers can't pass a NULL pointer, but I think Dan is right that is
better to sanity check since others transport drivers can be added in
the future.

Or this check is being to paranoiac?

Regards,
Javier
--
To unsubscribe from this list: send the line "unsubscribe linux-input" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic