2006-10-28 18:44:42

by Akinobu Mita

Subject: [PATCH] isdn/gigaset: avoid cs->dev null pointer dereference

When gigaset_initbcs() is called, cs->dev is not initialized yet.
If dev_alloc_skb() failed in this function, a NULL pointer
dereference will happen at dev_warn().

Cc: Kai Germaschewski <[email protected]>
Cc: Hansjoerg Lipp <[email protected]>
Cc: Tilman Schmidt <[email protected]>
Cc: Karsten Keil <[email protected]>
Signed-off-by: Akinobu Mita <[email protected]>

drivers/isdn/gigaset/common.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

Index: work-fault-inject/drivers/isdn/gigaset/common.c
===================================================================
--- work-fault-inject.orig/drivers/isdn/gigaset/common.c
+++ work-fault-inject/drivers/isdn/gigaset/common.c
@@ -579,7 +579,7 @@ static struct bc_state *gigaset_initbcs(
} else if ((bcs->skb = dev_alloc_skb(SBUFSIZE + HW_HDR_LEN)) != NULL)
skb_reserve(bcs->skb, HW_HDR_LEN);
else {
- dev_warn(cs->dev, "could not allocate skb\n");
+ gig_dbg(DEBUG_INIT, "could not allocate skb\n");
bcs->inputstate |= INS_skip_frame;
}
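Review bot: Replacing dev_warn() with gig_dbg(DEBUG_INIT, ...) fixes the NULL dereference of cs->dev but also demotes the message to a debug-only path, so on a production build the failure becomes silent. The surrounding lines show that the allocation failure is tolerated rather than propagated (bcs->skb stays NULL and INS_skip_frame is set), which means the log message is the only signal an operator gets that the channel is running degraded. The root cause is that cs->dev is not yet assigned at this point, not that the severity was wrong; prefer a warning-level logging call that does not take the device pointer, or return NULL from gigaset_initbcs() so the failure is not masked.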


2006-11-03 12:01:05

by Tilman Schmidt

Subject: Re: [PATCH] isdn/gigaset: avoid cs->dev null pointer dereference

[Argh. Hardly away for a few days ...]

On 28.10.2006 20:45, Akinobu Mita wrote:
> --- work-fault-inject.orig/drivers/isdn/gigaset/common.c
> +++ work-fault-inject/drivers/isdn/gigaset/common.c
> @@ -579,7 +579,7 @@ static struct bc_state *gigaset_initbcs(
> } else if ((bcs->skb = dev_alloc_skb(SBUFSIZE + HW_HDR_LEN)) != NULL)
> skb_reserve(bcs->skb, HW_HDR_LEN);
> else {
> - dev_warn(cs->dev, "could not allocate skb\n");
> + gig_dbg(DEBUG_INIT, "could not allocate skb\n");
> bcs->inputstate |= INS_skip_frame;
> }
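Review bot: The replacement on the "+" line changes two things at once: the log sink (no longer dereferences cs->dev) and the severity (gig_dbg is a debug-level message). Only the first is needed to fix the crash. A reviewer would ask that the visible severity be preserved, since the "else" branch continues with INS_skip_frame set instead of failing the initialization, and a message that is compiled to a debug-only path will not surface on the systems where this actually happens.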

I'm not quite happy with that patch. (Nor, for that matter, with the
speed it was pushed into mainline, without waiting even a few days
for comments from the maintainers of the code in question.)
Not being able to allocate that skb seriously impairs functionality
of the driver. It should be reported on production systems too, not
just on debug builds.

In short: NAK. Please revert, and replace by the following:

From: Tilman Schmidt <[email protected]>

Avoid usage of uninitialized cs->dev in gigaset_initbcs().

Signed-off-by: Tilman Schmidt <[email protected]>
Cc: Hansjoerg Lipp <[email protected]>
Cc: Karsten Keil <[email protected]>
Cc: Kai Germaschewski <[email protected]>
Cc: Akinobu Mita <[email protected]>
Cc: Andrew Morton <[email protected]>
---

drivers/isdn/gigaset/common.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

--- a/drivers/isdn/gigaset/common.c
+++ b/drivers/isdn/gigaset/common.c
@@ -616,7 +616,7 @@ static struct bc_state *gigaset_initbcs(
} else if ((bcs->skb = dev_alloc_skb(SBUFSIZE + HW_HDR_LEN)) != NULL)
skb_reserve(bcs->skb, HW_HDR_LEN);
else {
- dev_warn(cs->dev, "could not allocate skb\n");
+ warn("could not allocate skb");
bcs->inputstate |= INS_skip_frame;
}
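Review bot: warn("could not allocate skb") keeps the message at warning level without touching cs->dev, which addresses the crash and the silent-failure concern raised above. Two points to confirm: the trailing "\n" was dropped relative to dev_warn(), so the driver's warn() macro must append one itself; and the message now carries no device identification, which is unavoidable here since cs->dev is not yet set but is worth stating in the changelog. As in the original hunk, the "else" branch still continues with INS_skip_frame rather than returning NULL from gigaset_initbcs(), so the caller cannot tell that the channel was only partially initialized.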


--
Tilman Schmidt E-Mail: [email protected]
Bonn, Germany
This message consists of 100% recycled bits.
Best before, if unopened: (see reverse side)

