2022-05-18 00:59:31

by Yuanjun Gong

Subject: [PATCH 1/1] platform/chrome: check *dest of memcpy

From: Gong Yuanjun <[email protected]>

In regulator/cros-ec-regulator.c, cros_ec_cmd is sometimes called
with *indata set to NULL.

static int cros_ec_regulator_enable(struct regulator_dev *dev){
...
cros_ec_cmd(data->ec_dev, 0, EC_CMD_REGULATOR_ENABLE, &cmd,
sizeof(cmd), NULL, 0)
...}

Don't do memcpy if indata is NULL.

Signed-off-by: Gong Yuanjun <[email protected]>
---
drivers/platform/chrome/cros_ec_proto.c | 2 +-
drivers/regulator/cros-ec-regulator.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/platform/chrome/cros_ec_proto.c b/drivers/platform/chrome/cros_ec_proto.c
index c4caf2e2de82..da175c57cff7 100644
--- a/drivers/platform/chrome/cros_ec_proto.c
+++ b/drivers/platform/chrome/cros_ec_proto.c
@@ -938,7 +938,7 @@ int cros_ec_command(struct cros_ec_device *ec_dev,
if (ret < 0)
goto error;

- if (insize)
+ if (indata && insize)
memcpy(indata, msg->data, insize);
error:
kfree(msg);
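Review bot: the new guard `if (indata && insize)` only changes behaviour when a caller passes a NULL `indata` together with a non-zero `insize`, and the call site cited in the commit message (`cros_ec_cmd(..., NULL, 0)`) passes `insize` 0, so the existing `if (insize)` already skips the memcpy for it. Either cite a caller that passes NULL with a non-zero `insize`, or state that this is a defensive check; in the latter case silently skipping the copy hides a caller bug (the caller then reads output it believes was filled in), so rejecting the call with `-EINVAL` or at least a `WARN_ON` would be the more usual kernel handling. The commit message also mentions only regulator/cros-ec-regulator.c; it should say why `cros_ec_command()` in cros_ec_proto.c is changed as well.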
diff --git a/drivers/regulator/cros-ec-regulator.c b/drivers/regulator/cros-ec-regulator.c
index c4754f3cf233..1c7ff085e492 100644
--- a/drivers/regulator/cros-ec-regulator.c
+++ b/drivers/regulator/cros-ec-regulator.c
@@ -44,7 +44,7 @@ static int cros_ec_cmd(struct cros_ec_device *ec, u32 version, u32 command,
if (ret < 0)
goto cleanup;

- if (insize)
+ if (indata && insize)
memcpy(indata, msg->data, insize);

cleanup:
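Review bot: same point as for cros_ec_proto.c: with `insize` 0 the call quoted in the commit message never reaches this memcpy, so the added `indata` check is not exercised by that caller. If the concern is a future caller passing NULL with a non-zero `insize`, the commit message should say so, and the function should fail the call rather than return success with no data copied, since the caller has no way to tell that its output buffer was not written.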
--
2.17.1



2022-05-18 04:57:19

by Tzung-Bi Shih

Subject: Re: [PATCH 1/1] platform/chrome: check *dest of memcpy

On Tue, May 17, 2022 at 05:55:21PM +0800, Yuanjun Gong wrote:
> From: Gong Yuanjun <[email protected]>
>
> In regulator/cros-ec-regulator.c, cros_ec_cmd is sometimes called
> with *indata set to NULL.
>
> static int cros_ec_regulator_enable(struct regulator_dev *dev){
> ...
> cros_ec_cmd(data->ec_dev, 0, EC_CMD_REGULATOR_ENABLE, &cmd,
> sizeof(cmd), NULL, 0)
> ...}
>
> Don't do memcpy if indata is NULL.

The fix makes less sense to me. Did you find somewhere that `indata` is NULL
but `insize` is not 0?