2019-06-05 13:03:38

by Kefeng Wang

Subject: [PATCH] media: pvrusb2: fix null-ptr-deref in class_unregister()

The class_ptr will be NULL if pvr2_sysfs_class_create() fails
in pvr_init(). When pvr2_sysfs_class_destroy() is called, it will
lead to a null-ptr-deref; fix it.

Reported-by: Hulk Robot <[email protected]>
Signed-off-by: Kefeng Wang <[email protected]>
---
drivers/media/usb/pvrusb2/pvrusb2-sysfs.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/media/usb/pvrusb2/pvrusb2-sysfs.c b/drivers/media/usb/pvrusb2/pvrusb2-sysfs.c
index 7bc6d090358e..b6c6b314fadc 100644
--- a/drivers/media/usb/pvrusb2/pvrusb2-sysfs.c
+++ b/drivers/media/usb/pvrusb2/pvrusb2-sysfs.c
@@ -802,7 +802,8 @@ struct pvr2_sysfs_class *pvr2_sysfs_class_create(void)
void pvr2_sysfs_class_destroy(struct pvr2_sysfs_class *clp)
{
pvr2_sysfs_trace("Unregistering pvr2_sysfs_class id=%p", clp);
- class_unregister(&clp->class);
+ if (clp)
+ class_unregister(&clp->class);
}


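Review bot: The pvr2_sysfs_trace() call that sits above the new `if (clp)` check still runs when clp is NULL, so the trace will report "Unregistering pvr2_sysfs_class" for a class that was never registered. Consider an early `if (!clp) return;` at the top of pvr2_sysfs_class_destroy(), so the trace is emitted only when class_unregister() is actually called.
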
--
2.20.1


2019-06-08 00:47:26

by Mike Isely

Subject: Re: [PATCH] media: pvrusb2: fix null-ptr-deref in class_unregister()


Acked-By: Mike Isely <[email protected]>

On Wed, 5 Jun 2019, Kefeng Wang wrote:

> The class_ptr will be NULL if pvr2_sysfs_class_create() fails
> in pvr_init(). When pvr2_sysfs_class_destroy() is called, it will
> lead to a null-ptr-deref; fix it.
>
> Reported-by: Hulk Robot <[email protected]>
> Signed-off-by: Kefeng Wang <[email protected]>
> ---
> drivers/media/usb/pvrusb2/pvrusb2-sysfs.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/media/usb/pvrusb2/pvrusb2-sysfs.c b/drivers/media/usb/pvrusb2/pvrusb2-sysfs.c
> index 7bc6d090358e..b6c6b314fadc 100644
> --- a/drivers/media/usb/pvrusb2/pvrusb2-sysfs.c
> +++ b/drivers/media/usb/pvrusb2/pvrusb2-sysfs.c
> @@ -802,7 +802,8 @@ struct pvr2_sysfs_class *pvr2_sysfs_class_create(void)
> void pvr2_sysfs_class_destroy(struct pvr2_sysfs_class *clp)
> {
> pvr2_sysfs_trace("Unregistering pvr2_sysfs_class id=%p", clp);
> - class_unregister(&clp->class);
> + if (clp)
> + class_unregister(&clp->class);
> }
>
>
>
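
Review bot: Missing documentation at pvr2_sysfs_class_destroy(): with the `if (clp)` guard the function now accepts a NULL argument, but nothing at the function says so. A one-line comment above it stating that NULL is allowed and results in no unregistration would tell callers that they need no check of their own.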

--

Mike Isely
isely @ isely (dot) net
PGP: 03 54 43 4D 75 E5 CC 92 71 16 01 E2 B5 F5 C1 E8