Linux-Media Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH] staging: atomisp: move null check to earlier point
@ 2020-07-29 13:56 Cengiz Can
  2020-07-29 15:13 ` Andy Shevchenko
  0 siblings, 1 reply; 15+ messages in thread
From: Cengiz Can @ 2020-07-29 13:56 UTC (permalink / raw)
  To: Mauro Carvalho Chehab, Sakari Ailus, Greg Kroah-Hartman, Andy Shevchenko
  Cc: linux-media, devel, linux-kernel, Cengiz Can

`find_gmin_subdev` function that returns a pointer to `struct
gmin_subdev` can return NULL.

In `gmin_v2p8_ctrl` there's a call to this function but the possibility
of a NULL was not checked before its being dereferenced. ie:

```
/* Acquired here --------v */
struct gmin_subdev *gs = find_gmin_subdev(subdev);
int ret;
int value;

/*  v------Dereferenced here */
if (gs->v2p8_gpio >= 0) {
	pr_info("atomisp_gmin_platform: 2.8v power on GPIO %d\n",
		gs->v2p8_gpio);
	ret = gpio_request(gs->v2p8_gpio, "camera_v2p8");
	if (!ret)
		ret = gpio_direction_output(gs->v2p8_gpio, 0);
	if (ret)
		pr_err("V2P8 GPIO initialization failed\n");
}
```

I have moved the NULL check before deref point.

Caught-by: Coverity Static Analyzer CID 1465536
Signed-off-by: Cengiz Can <cengiz@kernel.wtf>
---
 drivers/staging/media/atomisp/pci/atomisp_gmin_platform.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/drivers/staging/media/atomisp/pci/atomisp_gmin_platform.c b/drivers/staging/media/atomisp/pci/atomisp_gmin_platform.c
index 0df46a1af5f0..8e9c5016f299 100644
--- a/drivers/staging/media/atomisp/pci/atomisp_gmin_platform.c
+++ b/drivers/staging/media/atomisp/pci/atomisp_gmin_platform.c
@@ -871,6 +871,11 @@ static int gmin_v2p8_ctrl(struct v4l2_subdev *subdev, int on)
 	int ret;
 	int value;
 
+	if (!gs) {
+		pr_err("Unable to find gmin subdevice\n");
+		return -EINVAL;
+	}
+
 	if (gs->v2p8_gpio >= 0) {
 		pr_info("atomisp_gmin_platform: 2.8v power on GPIO %d\n",
 			gs->v2p8_gpio);
@@ -881,7 +886,7 @@ static int gmin_v2p8_ctrl(struct v4l2_subdev *subdev, int on)
 			pr_err("V2P8 GPIO initialization failed\n");
 	}
 
-	if (!gs || gs->v2p8_on == on)
+	if (gs->v2p8_on == on)
 		return 0;
 	gs->v2p8_on = on;
 
-- 
2.27.0


^ permalink raw reply	[flat|nested] 15+ messages in thread

end of thread, back to index

Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-29 13:56 [PATCH] staging: atomisp: move null check to earlier point Cengiz Can
2020-07-29 15:13 ` Andy Shevchenko
2020-07-30  8:45   ` Dan Carpenter
2020-07-30  8:59     ` Cengiz Can
2020-07-30 22:17     ` [PATCH v2] " Cengiz Can
2020-07-31  8:38       ` Andy Shevchenko
2020-08-01 21:51         ` [PATCH v3] " Cengiz Can
2020-08-01 21:55         ` [PATCHi v4] " Cengiz Can
2020-08-01 21:58         ` [PATCH v5] " Cengiz Can
2020-08-01 22:01         ` [PATCH v6] " Cengiz Can
2020-08-06 18:34           ` Cengiz Can
2020-08-06 18:39             ` Greg KH
2020-08-06 20:38               ` Cengiz Can
2020-08-06 22:15     ` [PATCH] " Bjorn Helgaas
2020-08-07  9:53       ` Dan Carpenter

Linux-Media Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-media/0 linux-media/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-media linux-media/ https://lore.kernel.org/linux-media \
		linux-media@vger.kernel.org
	public-inbox-index linux-media

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-media


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git