The NULL check was done to late, and there it was a risk
of a possible null pointer dereference.
This was partially found by using a static code analysis program called cppcheck.
Signed-off-by: Rickard Strandqvist <[email protected]>
---
drivers/staging/line6/toneport.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/drivers/staging/line6/toneport.c b/drivers/staging/line6/toneport.c
index 6943715..660dc3f 100644
--- a/drivers/staging/line6/toneport.c
+++ b/drivers/staging/line6/toneport.c
@@ -433,12 +433,16 @@ void line6_toneport_reset_resume(struct usb_line6_toneport *toneport)
void line6_toneport_disconnect(struct usb_interface *interface)
{
struct usb_line6_toneport *toneport;
+ struct snd_line6_pcm *line6pcm;
u16 idProduct;
if (interface == NULL)
return;
toneport = usb_get_intfdata(interface);
+ if (NULL == toneport)
+ return;
+
del_timer_sync(&toneport->timer);
idProduct = le16_to_cpu(toneport->line6.usbdev->descriptor.idProduct);
@@ -447,13 +451,10 @@ void line6_toneport_disconnect(struct usb_interface *interface)
device_remove_file(&interface->dev, &dev_attr_led_green);
}
- if (toneport != NULL) {
- struct snd_line6_pcm *line6pcm = toneport->line6.line6pcm;
-
- if (line6pcm != NULL) {
- line6_pcm_release(line6pcm, LINE6_BITS_PCM_MONITOR);
- line6_pcm_disconnect(line6pcm);
- }
+ line6pcm = toneport->line6.line6pcm;
+ if (line6pcm != NULL) {
+ line6_pcm_release(line6pcm, LINE6_BITS_PCM_MONITOR);
+ line6_pcm_disconnect(line6pcm);
}
toneport_destruct(interface);
--
1.7.10.4
On Sun, Dec 21, 2014 at 10:43 PM, Rickard Strandqvist
<[email protected]> wrote:
> The NULL check was done to late, and there it was a risk
> of a possible null pointer dereference.
>
> This was partially found by using a static code analysis program called cppcheck.
>
> Signed-off-by: Rickard Strandqvist <[email protected]>
> ---
> drivers/staging/line6/toneport.c | 15 ++++++++-------
> 1 file changed, 8 insertions(+), 7 deletions(-)
Reviewed-by: Stefan Hajnoczi <[email protected]>