2018-12-03 06:24:04

by Wen Yang

[permalink] [raw]
Subject: [PATCH] udlfb: fix potential NULL pointer dereference in dlfb_usb_probe

This patch fixes a possible null pointer dereference in
dlfb_usb_probe, detected by the semantic patch deref_null.cocci,
with the following warning:

drivers/video/fbdev/udlfb.c:1704:11-15: ERROR: dlfb is NULL but dereferenced.

The following code has potential null pointer references:
1597 /* usb initialization */
1598 dlfb = kzalloc(sizeof(*dlfb), GFP_KERNEL);
1599 if (!dlfb) {
...
1601 goto error;
1602 }
...
1703 error:
1704 if (dlfb->info) {
1705 dlfb_ops_destroy(dlfb->info);
1706 } else if (dlfb) {
1707 usb_put_dev(dlfb->udev);
1708 kfree(dlfb);
1709 }

Signed-off-by: Wen Yang <[email protected]>
CC: Bernie Thompson <[email protected]>
CC: Bartlomiej Zolnierkiewicz <[email protected]>
CC: [email protected]
CC: [email protected]
CC: [email protected]
---
drivers/video/fbdev/udlfb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/video/fbdev/udlfb.c b/drivers/video/fbdev/udlfb.c
index 070026a7e55a..df37cfaa2362 100644
--- a/drivers/video/fbdev/udlfb.c
+++ b/drivers/video/fbdev/udlfb.c
@@ -1701,7 +1701,7 @@ static int dlfb_usb_probe(struct usb_interface *intf,
return 0;

error:
- if (dlfb->info) {
+ if (dlfb && dlfb->info) {
dlfb_ops_destroy(dlfb->info);
} else if (dlfb) {
usb_put_dev(dlfb->udev);
--
2.19.1