From: Oliver Neukum <oneukum@suse.com>
Date: Mon, 4 Apr 2016 12:30:53 +0000 (+0200)
Subject: cdc-acm: fix crash if flushed with nothing buffered
X-Git-Tag: v4.14-rc1~3421^2~11
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=2a14759a03a0a57b2fc99b1e416180788b8ba24c;p=platform%2Fkernel%2Flinux-rpi.git

cdc-acm: fix crash if flushed with nothing buffered

Under some circumstances acm_tty_flush_chars() is called
with no buffer to flush. We simply need to do nothing.

Signed-off-by: Oliver Neukum <ONeukum@suse.com>
Reported-by: Torsten Hilbrich <torsten.hilbrich@secunet.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c
index 83fd30b..a6c4a1b 100644
--- a/drivers/usb/class/cdc-acm.c
+++ b/drivers/usb/class/cdc-acm.c
@@ -744,11 +744,15 @@ static void acm_tty_flush_chars(struct tty_struct *tty)
 	int err;
 	unsigned long flags;
 
+	if (!cur) /* nothing to do */
+		return;
+
 	acm->putbuffer = NULL;
 	err = usb_autopm_get_interface_async(acm->control);
 	spin_lock_irqsave(&acm->write_lock, flags);
 	if (err < 0) {
 		cur->use = 0;
+		acm->putbuffer = cur;
 		goto out;
 	}