[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-input
Subject: Re: [PATCH 1/1] Input: cyttsp - Fix check after pointer dereferencing
From: Javier Martinez Canillas <javier () dowhile0 ! org>
Date: 2012-02-23 12:33:09
Message-ID: CABxcv=mYjk+kFkT-bWfLgda3GAy5HhSoCsg+H6iFbJTg1FZLfg () mail ! gmail ! com
[Download RAW message or body]
On Wed, Feb 15, 2012 at 11:42 AM, Javier Martinez Canillas
<javier@dowhile0.org> wrote:
> From: Javier Martinez Canillas <martinez.javier@dowhile0.org>
>
> In the cyttsp_probe() function the struct device *dev pointer was
> dereferenced before checking if it was NULL.
>
> Now dev is never NULL since both I2C and SPI bus drivers pass a pointer to a
> member of an previously allocated structure. But others bus drivers can do
> it differently so is better to sanity check instead of trust in the callers.
>
> Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
> Signed-off-by: Javier Martinez Canillas <javier@dowhile0.org>
> ---
> drivers/input/touchscreen/cyttsp_core.c | 11 +++++++++--
> 1 files changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/input/touchscreen/cyttsp_core.c b/drivers/input/touchscreen/cyttsp_core.c
> index 8be2247..071e5ae8 100644
> --- a/drivers/input/touchscreen/cyttsp_core.c
> +++ b/drivers/input/touchscreen/cyttsp_core.c
> @@ -518,12 +518,19 @@ static void cyttsp_close(struct input_dev *dev)
> struct cyttsp *cyttsp_probe(const struct cyttsp_bus_ops *bus_ops,
> struct device *dev, int irq, size_t xfer_buf_size)
> {
> - const struct cyttsp_platform_data *pdata = dev->platform_data;
> + const struct cyttsp_platform_data *pdata;
> struct cyttsp *ts;
> struct input_dev *input_dev;
> int error;
>
> - if (!dev || !bus_ops || !pdata || !pdata->name || irq <= 0) {
> + if (!dev || !bus_ops || !dev->platform_data || irq <= 0) {
> + error = -EINVAL;
> + goto err_out;
> + }
> +
> + pdata = dev->platform_data;
> +
> + if (!pdata->name) {
> error = -EINVAL;
> goto err_out;
> }
> --
> 1.7.7.6
>
Hello,
Any feedback on this?
Is not a bug with today cyttsp driver since both I2C and SPI transport
drivers can't pass a NULL pointer, but I think Dan is right that is
better to sanity check since others transport drivers can be added in
the future.
Or this check is being to paranoiac?
Regards,
Javier
--
To unsubscribe from this list: send the line "unsubscribe linux-input" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic