As other functions in this module do, edev should be checked to
ensure that it is not NULL.
The fix inserts such as check to avoid potential NULL pointer
dereference.
Signed-off-by: Kangjie Lu <[email protected]>
---
drivers/firmware/edd.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/firmware/edd.c b/drivers/firmware/edd.c
index 1b82c89a49df..7ebfaca53721 100644
--- a/drivers/firmware/edd.c
+++ b/drivers/firmware/edd.c
@@ -279,6 +279,8 @@ static ssize_t
edd_show_mbr_signature(struct edd_device *edev, char *buf)
{
char *p = buf;
+ if (!edev)
+ return -EINVAL;
p += scnprintf(p, left, "0x%08x\n", edev->mbr_signature);
return (p - buf);
}
--
2.17.1
On 23/03/2019 23:10, Kangjie Lu wrote:
> As other functions in this module do, edev should be checked to
> ensure that it is not NULL.
> The fix inserts such as check to avoid potential NULL pointer
> dereference.
>
> Signed-off-by: Kangjie Lu <[email protected]>
> ---
> drivers/firmware/edd.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/firmware/edd.c b/drivers/firmware/edd.c
> index 1b82c89a49df..7ebfaca53721 100644
> --- a/drivers/firmware/edd.c
> +++ b/drivers/firmware/edd.c
> @@ -279,6 +279,8 @@ static ssize_t
> edd_show_mbr_signature(struct edd_device *edev, char *buf)
> {
> char *p = buf;
> + if (!edev)
> + return -EINVAL;
I don't think this can ever be NULL.
edd_show_mbr_signature() is called from edd_attr_show(), which
simplified looks like this:
define to_edd_device(obj) container_of(obj,struct edd_device,kobj)
edd_attr_show(struct kobject * kobj, struct attribute *attr, char *buf)
{
struct edd_device *dev = to_edd_device(kobj);
[...]
if (edd_attr->show)
ret = edd_attr->show(dev, buf);
[...]
}
The edd_device structure has the kobject embedded, otherwise the up-cast
won't work.
Byte,
Johannes
--
Johannes Thumshirn SUSE Labs Filesystems
[email protected] +49 911 74053 689
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Felix Imendörffer, Mary Higgins, Sri Rasiah
HRB 21284 (AG Nürnberg)
Key fingerprint = EC38 9CAB C2C4 F25D 8600 D0D0 0393 969D 2D76 0850