pci_get_slot() may return NULL if nothing was found.
quirk_nvidia_ck804() does not check the value returned from pci_get_slot(),
so it may end up causing a NULL pointer deref.
Signed-off-by: Jesper Juhl <[email protected]>
---
drivers/pci/quirks.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c
index 5b44838..d3dcbda 100644
--- a/drivers/pci/quirks.c
+++ b/drivers/pci/quirks.c
@@ -1741,6 +1741,8 @@ static void __devinit quirk_nvidia_ck804
* a single one having MSI is enough to be sure that MSI are supported.
*/
pdev = pci_get_slot(dev->bus, 0);
+ if (!pdev)
+ return;
if (dev->subordinate && !msi_ht_cap_enabled(dev)
&& !msi_ht_cap_enabled(pdev)) {
printk(KERN_WARNING "PCI: MSI quirk detected. "
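Review bot: the changelog says the missing check "may end up causing a NULL pointer deref", but neither it nor the added `if (!pdev)` lines say where. In this hunk the first use of pdev after pci_get_slot() is the msi_ht_cap_enabled(pdev) call in the conditional directly below. Naming that call in the changelog, or in a one-line comment above the check, would make the reason for the guard clear to the next reader.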
On Sat, 2 Dec 2006 00:21:56 +0100
Jesper Juhl <[email protected]> wrote:
> pci_get_slot() may return NULL if nothing was found.
> quirk_nvidia_ck804() does not check the value returned from pci_get_slot(),
> so it may end up causing a NULL pointer deref.
>
>
> Signed-off-by: Jesper Juhl <[email protected]>
I don't think it's a physically possible case but it does no harm and
it'll kill boot if it happens
Acked-by: Alan Cox <[email protected]>
On Sat, 2 Dec 2006, Jesper Juhl wrote:
> pci_get_slot() may return NULL if nothing was found.
> quirk_nvidia_ck804() does not check the value returned from pci_get_slot(),
> so it may end up causing a NULL pointer deref.
>
Looks good. The possible NULL pointer is actually not at pci_dev_put,
but rather at pci_find_capability on the msi_ht_cap_enabled(pdev) call.
> diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c
> index 5b44838..d3dcbda 100644
> --- a/drivers/pci/quirks.c
> +++ b/drivers/pci/quirks.c
> @@ -1741,6 +1741,8 @@ static void __devinit quirk_nvidia_ck804
> * a single one having MSI is enough to be sure that MSI are supported.
> */
> pdev = pci_get_slot(dev->bus, 0);
> + if (!pdev)
> + return;
> if (dev->subordinate && !msi_ht_cap_enabled(dev)
> && !msi_ht_cap_enabled(pdev)) {
> printk(KERN_WARNING "PCI: MSI quirk detected. "
>
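Review bot: with the added `if (!pdev)` / `return;` the function leaves before the conditional below is evaluated at all, so when slot 0 is not found the quirk is skipped silently, KERN_WARNING included. If that case is meant to be unreachable, a short printk before the return would make it visible should it ever happen. If it is reachable, consider whether the decision should then rest on msi_ht_cap_enabled(dev) alone instead of returning early.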
The check for dev->subordinate in the neighboring conditional can also be
removed.
David