projects / platform / kernel / linux-exynos.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9793e1d)
media: mxl111sf: Fix potential null pointer dereference
authorEugeniu Rosca <erosca@de.adit-jv.com>
Sun, 13 Aug 2017 10:06:29 +0000 (06:06 -0400)
committerMauro Carvalho Chehab <mchehab@s-opensource.com>
Sun, 27 Aug 2017 10:58:19 +0000 (06:58 -0400)
Reviewing the delta between cppcheck output of v4.9.39 and v4.9.40
stable updates, I stumbled on the new warning:

mxl111sf.c:80: (warning) Possible null pointer dereference: rbuf

Since copying state->rcvbuf into rbuf is not needed in the 'write-only'
scenario (i.e. calling mxl111sf_ctrl_msg() from mxl111sf_i2c_send_data()
or from mxl111sf_write_reg()), bypass memcpy() in this case.

Fixes: d90b336f3f65 ("[media] mxl111sf: Fix driver to use heap allocate buffers for USB messages")

Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Reviewed-by: Michael Ira Krufky <mkrufky@linuxtv.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
drivers/media/usb/dvb-usb-v2/mxl111sf.c patch | blob | history

diff --git a/drivers/media/usb/dvb-usb-v2/mxl111sf.c b/drivers/media/usb/dvb-usb-v2/mxl111sf.c
index b0d5904..6795336 100644 (file)
--- a/drivers/media/usb/dvb-usb-v2/mxl111sf.c
+++ b/drivers/media/usb/dvb-usb-v2/mxl111sf.c
@@ -77,7 +77,9 @@ int mxl111sf_ctrl_msg(struct mxl111sf_state *state,
                dvb_usbv2_generic_rw(d, state->sndbuf, 1+wlen, state->rcvbuf,
                                     rlen);
 
-       memcpy(rbuf, state->rcvbuf, rlen);
+       if (rbuf)
+               memcpy(rbuf, state->rcvbuf, rlen);
+
        mutex_unlock(&state->msg_lock);
 
        mxl_fail(ret);
Domain: System / Kernel;