2007-05-18 17:08:57

by Eugene Teo

Subject: [2.6 patch] drivers/net/wireless/libertas/fw.c: fix use-before-check

NULL checks should be performed before the dereference.

Spotted by the Coverity checker.

Signed-off-by: Eugene Teo <[email protected]>

diff --git a/drivers/net/wireless/libertas/fw.c b/drivers/net/wireless/libertas/fw.c
index 441123c..5c63c9b 100644
--- a/drivers/net/wireless/libertas/fw.c
+++ b/drivers/net/wireless/libertas/fw.c
@@ -333,18 +333,22 @@ static void command_timer_fn(unsigned long data)
unsigned long flags;

ptempnode = adapter->cur_cmd;
+ if (ptempnode == NULL) {
+ lbs_pr_debug(1, "PTempnode Empty\n");
+ return;
+ }
+
cmd = (struct cmd_ds_command *)ptempnode->bufvirtualaddr;
+ if (!cmd) {
+ lbs_pr_debug(1, "cmd is NULL\n");
+ return;
+ }

lbs_pr_info("command_timer_fn fired (%x)\n", cmd->command);

if (!adapter->fw_ready)
return;

- if (ptempnode == NULL) {
- lbs_pr_debug(1, "PTempnode Empty\n");
- return;
- }
-
spin_lock_irqsave(&adapter->driver_lock, flags);
adapter->cur_cmd = NULL;
spin_unlock_irqrestore(&adapter->driver_lock, flags);
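
Review bot: The `if (!cmd)` test added after the `cmd = (struct cmd_ds_command *)ptempnode->bufvirtualaddr;` assignment is a new check, not a moved one, while the changelog only talks about performing the existing NULL check earlier. Mention the added check in the commit message. The two tests are also written in different styles (`ptempnode == NULL` versus `!cmd`); pick one form for both.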


2007-05-18 18:03:01

by John W. Linville

Subject: Re: [2.6 patch] drivers/net/wireless/libertas/fw.c: fix use-before-check

This should be sent to linux-wireless (and CC'ed to me) as well...

On Sat, May 19, 2007 at 01:06:49AM +0800, Eugene Teo wrote:
> NULL checks should be performed before the dereference.
>
> Spotted by the Coverity checker.
>
> Signed-off-by: Eugene Teo <[email protected]>
>
> diff --git a/drivers/net/wireless/libertas/fw.c b/drivers/net/wireless/libertas/fw.c
> index 441123c..5c63c9b 100644
> --- a/drivers/net/wireless/libertas/fw.c
> +++ b/drivers/net/wireless/libertas/fw.c
> @@ -333,18 +333,22 @@ static void command_timer_fn(unsigned long data)
> unsigned long flags;
>
> ptempnode = adapter->cur_cmd;
> + if (ptempnode == NULL) {
> + lbs_pr_debug(1, "PTempnode Empty\n");
> + return;
> + }
> +
> cmd = (struct cmd_ds_command *)ptempnode->bufvirtualaddr;
> + if (!cmd) {
> + lbs_pr_debug(1, "cmd is NULL\n");
> + return;
> + }
>
> lbs_pr_info("command_timer_fn fired (%x)\n", cmd->command);
>
> if (!adapter->fw_ready)
> return;
>
> - if (ptempnode == NULL) {
> - lbs_pr_debug(1, "PTempnode Empty\n");
> - return;
> - }
> -
> spin_lock_irqsave(&adapter->driver_lock, flags);
> adapter->cur_cmd = NULL;
> spin_unlock_irqrestore(&adapter->driver_lock, flags);
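
Review bot: `ptempnode = adapter->cur_cmd;` at the top of the hunk reads cur_cmd without holding driver_lock, while the last three lines of the hunk clear the same field under `spin_lock_irqsave(&adapter->driver_lock, flags)`. The relocated NULL test therefore checks an unlocked snapshot. If another context can change cur_cmd while the timer runs, take the snapshot under the lock; if not, add a comment saying why the unlocked read is safe.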

--
John W. Linville
[email protected]

2007-05-18 18:33:05

by John W. Linville

Subject: Re: [2.6 patch] drivers/net/wireless/libertas/fw.c: fix use-before-check

On Sat, May 19, 2007 at 01:06:49AM +0800, Eugene Teo wrote:
> NULL checks should be performed before the dereference.
>
> Spotted by the Coverity checker.
>
> Signed-off-by: Eugene Teo <[email protected]>

This does not apply against 2.6.22-rc1. Please rediff and repost.

Thanks,

John
--
John W. Linville
[email protected]

2007-05-19 03:12:34

by Eugene Teo

Subject: Re: [2.6 patch] drivers/net/wireless/libertas/fw.c: fix use-before-check

Hi John,

John W. Linville wrote:
> On Sat, May 19, 2007 at 01:06:49AM +0800, Eugene Teo wrote:
>> NULL checks should be performed before the dereference.
>>
>> Spotted by the Coverity checker.
>>
>> Signed-off-by: Eugene Teo <[email protected]>
>
> This does not apply against 2.6.22-rc1. Please rediff and repost.

Ok. Here's a rediff against 2.6.22-rc1. Thanks.
--

NULL checks should be performed before the dereference.

Spotted by the Coverity checker.

Signed-off-by: Eugene Teo <[email protected]>

diff -uprN -X 2.6.22-rc1/Documentation/dontdiff
2.6.22-rc1.orig/drivers/net/wireless/libertas/fw.c 2.6.22-rc1/drivers/net/wireless/libertas/fw.c
--- 2.6.22-rc1.orig/drivers/net/wireless/libertas/fw.c 2007-05-19 10:48:02.000000000 +0800
+++ 2.6.22-rc1/drivers/net/wireless/libertas/fw.c 2007-05-19 11:01:26.000000000 +0800
@@ -333,18 +333,22 @@ static void command_timer_fn(unsigned lo
unsigned long flags;

ptempnode = adapter->cur_cmd;
+ if (ptempnode == NULL) {
+ lbs_pr_debug(1, "PTempnode Empty\n");
+ return;
+ }
+
cmd = (struct cmd_ds_command *)ptempnode->bufvirtualaddr;
+ if (!cmd) {
+ lbs_pr_debug(1, "cmd is NULL\n");
+ return;
+ }

lbs_pr_info("command_timer_fn fired (%x)\n", cmd->command);

if (!adapter->fw_ready)
return;

- if (ptempnode == NULL) {
- lbs_pr_debug(1, "PTempnode Empty\n");
- return;
- }
-
spin_lock_irqsave(&adapter->driver_lock, flags);
adapter->cur_cmd = NULL;
spin_unlock_irqrestore(&adapter->driver_lock, flags);
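
Review bot: The new `if (!cmd)` early return sits above `adapter->cur_cmd = NULL;`, so when bufvirtualaddr is NULL the function exits with cur_cmd still pointing at the node, unlike the path that reaches the locked section at the bottom of the hunk. If leaving cur_cmd set is intended, say so in a comment next to the return; otherwise clear it under driver_lock before returning.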