From: Matthias Kaehlcke <mka@chromium.org>
To: Yongzhi Liu <lyz_cs@pku.edu.cn>
Cc: agross@kernel.org, bjorn.andersson@linaro.org, jic23@kernel.org,
	lars@metafoo.de, linux-arm-msm@vger.kernel.org,
	linux-iio@vger.kernel.org, linux-kernel@vger.kernel.org,
	fuyq@stu.pku.edu.cn
Subject: Re: [PATCH] iio: vadc: Fix potential dereference of NULL pointer
Date: Wed, 18 May 2022 10:31:39 -0700
Message-ID: <YoUtezVzsPB8MAEO@google.com>
In-Reply-To: <1652856180-100582-1-git-send-email-lyz_cs@pku.edu.cn>

On Tue, May 17, 2022 at 11:43:00PM -0700, Yongzhi Liu wrote:
> The return value of vadc_get_channel() needs to be checked
> to avoid use of NULL pointer, which is followed by
> the caller 'vadc_do_conversion' of function 'vadc_configure'.
> Fix this by adding the null pointer check on prop
> in function 'vadc_configure'.
> 
> Signed-off-by: Yongzhi Liu <lyz_cs@pku.edu.cn>
> ---
>  drivers/iio/adc/qcom-spmi-vadc.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/drivers/iio/adc/qcom-spmi-vadc.c b/drivers/iio/adc/qcom-spmi-vadc.c
> index 34202ba..d99bd72 100644
> --- a/drivers/iio/adc/qcom-spmi-vadc.c
> +++ b/drivers/iio/adc/qcom-spmi-vadc.c
> @@ -210,6 +210,9 @@ static int vadc_configure(struct vadc_priv *vadc,
>  	u8 decimation, mode_ctrl;
>  	int ret;
>  
> +	if (!prop)
> +		return -ENODEV;
> +
>  	/* Mode selection */
>  	mode_ctrl = (VADC_OP_MODE_NORMAL << VADC_OP_MODE_SHIFT) |
>  		     VADC_ADC_TRIM_EN | VADC_AMUX_TRIM_EN;
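
Review bot: the `if (!prop)` guard at the top of vadc_configure() validates a pointer this function only receives as an argument, while the commit message says the unchecked value is the return of vadc_get_channel() and arrives here through vadc_do_conversion(). Checking immediately after the vadc_get_channel() call would stop the NULL before any callee sees it, so that other users of the same pointer do not each need their own guard. The commit message should also state under which condition vadc_get_channel() can return NULL and why -ENODEV is the appropriate error for it.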


Shouldn't the check be done in vadc_measure_ref_points() where 'prop' is
obtained, rather than deep down in the call chain? For example
vadc_do_conversion() would also dereference the NULL pointer unless one
of the prior function calls fails.
