A series of commit starting at
50a97e059b USB: OHCI: make ohci-exynos a separate driver
and ending at
b8ad5c3706 USB: OHCI: make ohci-pxa27x a separate driver
introduced the concept of separate OHCI drivers for particular
controllers. Respective drivers need to call ohci_init_driver() to
initialize hc_driver struct with generic data and to certain extent
with platform specific overrides through ohci_driver_overrides struct
passed as second argument to this function. However the code does not
check if the ohci_driver_overrides struct pointer is non-NULL, which
leads for a NULL pointer dereference for drivers that do not need any
overrides.
This patch fixes the problem by dereferencing the passed pointer to
ohci_driver_overrides struct only if it is non-NULL.
Signed-off-by: Tomasz Figa <[email protected]>
---
drivers/usb/host/ohci-hcd.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/drivers/usb/host/ohci-hcd.c b/drivers/usb/host/ohci-hcd.c
index 21d937a..8ada13f 100644
--- a/drivers/usb/host/ohci-hcd.c
+++ b/drivers/usb/host/ohci-hcd.c
@@ -1161,10 +1161,12 @@ void ohci_init_driver(struct hc_driver *drv,
/* Copy the generic table to drv and then apply the overrides */
*drv = ohci_hc_driver;
- drv->product_desc = over->product_desc;
- drv->hcd_priv_size += over->extra_priv_size;
- if (over->reset)
- drv->reset = over->reset;
+ if (over) {
+ drv->product_desc = over->product_desc;
+ drv->hcd_priv_size += over->extra_priv_size;
+ if (over->reset)
+ drv->reset = over->reset;
+ }
}
EXPORT_SYMBOL_GPL(ohci_init_driver);
--
1.8.3.2
On Sat, 28 Sep 2013, Tomasz Figa wrote:
> A series of commit starting at
>
> 50a97e059b USB: OHCI: make ohci-exynos a separate driver
>
> and ending at
>
> b8ad5c3706 USB: OHCI: make ohci-pxa27x a separate driver
>
> introduced the concept of separate OHCI drivers for particular
> controllers. Respective drivers need to call ohci_init_driver() to
> initialize hc_driver struct with generic data and to certain extent
> with platform specific overrides through ohci_driver_overrides struct
> passed as second argument to this function. However the code does not
> check if the ohci_driver_overrides struct pointer is non-NULL, which
> leads for a NULL pointer dereference for drivers that do not need any
> overrides.
>
> This patch fixes the problem by dereferencing the passed pointer to
> ohci_driver_overrides struct only if it is non-NULL.
>
> Signed-off-by: Tomasz Figa <[email protected]>
> ---
> drivers/usb/host/ohci-hcd.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/usb/host/ohci-hcd.c b/drivers/usb/host/ohci-hcd.c
> index 21d937a..8ada13f 100644
> --- a/drivers/usb/host/ohci-hcd.c
> +++ b/drivers/usb/host/ohci-hcd.c
> @@ -1161,10 +1161,12 @@ void ohci_init_driver(struct hc_driver *drv,
> /* Copy the generic table to drv and then apply the overrides */
> *drv = ohci_hc_driver;
>
> - drv->product_desc = over->product_desc;
> - drv->hcd_priv_size += over->extra_priv_size;
> - if (over->reset)
> - drv->reset = over->reset;
> + if (over) {
> + drv->product_desc = over->product_desc;
> + drv->hcd_priv_size += over->extra_priv_size;
> + if (over->reset)
> + drv->reset = over->reset;
> + }
> }
> EXPORT_SYMBOL_GPL(ohci_init_driver);
You were scooped by Kevin Hilman:
http://marc.info/?l=linux-usb&m=138029463906143&w=2
Alan Stern
On Saturday 28 of September 2013 23:00:27 Alan Stern wrote:
> On Sat, 28 Sep 2013, Tomasz Figa wrote:
> > A series of commit starting at
> >
> > 50a97e059b USB: OHCI: make ohci-exynos a separate driver
> >
> > and ending at
> >
> > b8ad5c3706 USB: OHCI: make ohci-pxa27x a separate driver
> >
> > introduced the concept of separate OHCI drivers for particular
> > controllers. Respective drivers need to call ohci_init_driver() to
> > initialize hc_driver struct with generic data and to certain extent
> > with platform specific overrides through ohci_driver_overrides struct
> > passed as second argument to this function. However the code does not
> > check if the ohci_driver_overrides struct pointer is non-NULL, which
> > leads for a NULL pointer dereference for drivers that do not need any
> > overrides.
> >
> > This patch fixes the problem by dereferencing the passed pointer to
> > ohci_driver_overrides struct only if it is non-NULL.
> >
> > Signed-off-by: Tomasz Figa <[email protected]>
> > ---
> >
> > drivers/usb/host/ohci-hcd.c | 10 ++++++----
> > 1 file changed, 6 insertions(+), 4 deletions(-)
> >
> > diff --git a/drivers/usb/host/ohci-hcd.c b/drivers/usb/host/ohci-hcd.c
> > index 21d937a..8ada13f 100644
> > --- a/drivers/usb/host/ohci-hcd.c
> > +++ b/drivers/usb/host/ohci-hcd.c
> > @@ -1161,10 +1161,12 @@ void ohci_init_driver(struct hc_driver *drv,
> >
> > /* Copy the generic table to drv and then apply the overrides */
> > *drv = ohci_hc_driver;
> >
> > - drv->product_desc = over->product_desc;
> > - drv->hcd_priv_size += over->extra_priv_size;
> > - if (over->reset)
> > - drv->reset = over->reset;
> > + if (over) {
> > + drv->product_desc = over->product_desc;
> > + drv->hcd_priv_size += over->extra_priv_size;
> > + if (over->reset)
> > + drv->reset = over->reset;
> > + }
> >
> > }
> > EXPORT_SYMBOL_GPL(ohci_init_driver);
>
> You were scooped by Kevin Hilman:
>
> http://marc.info/?l=linux-usb&m=138029463906143&w=2
Happens. :)
Nice to have this fixed anyway.
Best regards,
Tomasz