From 709f71896b16ceb2ee767504dfaa05bc8209b9d4 Mon Sep 17 00:00:00 2001 From: Arnd Bergmann Date: Wed, 11 Jan 2017 14:39:44 +0100 Subject: [PATCH] ALSA: hda/ca0132 - fix possible NULL pointer use gcc-7 caught what it considers a NULL pointer dereference: sound/pci/hda/patch_ca0132.c: In function 'dspio_scp.constprop': sound/pci/hda/patch_ca0132.c:1487:4: error: argument 1 null where non-null expected [-Werror=nonnull] This is plausible from looking at the function, as we compare 'reply' to NULL earlier in it. I have not tried to analyze if there are constraints that make it impossible to hit the bug, but adding another NULL check in the end kills the warning and makes the function more robust. Signed-off-by: Arnd Bergmann Signed-off-by: Takashi Iwai [dongkyun.s: cherry-pick mainline commit 46a049dae771 for gcc 9 build] Change-Id: Id0faddb2d8b93b5b9aa522ae7ef08c34886df5e6 --- sound/pci/hda/patch_ca0132.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sound/pci/hda/patch_ca0132.c b/sound/pci/hda/patch_ca0132.c index 9ceb2bc36e68..8da1cd43317a 100644 --- a/sound/pci/hda/patch_ca0132.c +++ b/sound/pci/hda/patch_ca0132.c @@ -1481,6 +1481,9 @@ static int dspio_scp(struct hda_codec *codec, } else if (ret_size != reply_data_size) { codec_dbg(codec, "RetLen and HdrLen .NE.\n"); return -EINVAL; + } else if (!reply) { + codec_dbg(codec, "NULL reply\n"); + return -EINVAL; } else { *reply_len = ret_size*sizeof(unsigned int); memcpy(reply, scp_reply.data, *reply_len); -- 2.34.1