Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp2206615imm; Sat, 9 Jun 2018 09:59:09 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIsCtT2c5NLtMTw9xmM1elNXk+flF2xX5Qe9ujR/9ugznbU4fPVeNpd3IwHIzzi1/coT0Zw X-Received: by 2002:a63:a312:: with SMTP id s18-v6mr9104642pge.187.1528563549923; Sat, 09 Jun 2018 09:59:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528563549; cv=none; d=google.com; s=arc-20160816; b=M25/BIVltyevDhAEjMpqS/W+Tl88syQAfsBPAoyp09U96VcKCe9omMzh4XVvy9bGe3 VRz054ThMbFXP2/vle0kZKXhFRfDqWSVkjBjJTXaZOxzB5VL8TSvQkUOt9EuIE6nuXQf EVtB2yB274Iqk52u838KOItjZlfW3PtamLdH4ySSEd3R09ABroOcEtpe6OuaUyI9r1pC LcgZW23PuMfo8p+Cv50nLhX3QPJqnTAJpRORAJ7J9cAqN68bZCbxj8rAZKmjru9GjSvF Qy5vf46G7iFdtDNrDvArQ5pXYNWrrW0TDkhyzH4zm00pOS7mVPG1zAcyLL9gsqyZr1YO v4QQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:message-id:references :in-reply-to:subject:cc:to:from:date:content-transfer-encoding :mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=TyRU/807fmGG/HPo5HHdQ1DdFSJY8y7tLXmhs1t4ABQ=; b=H4n4JvoTD/wnxbp9JmUc+xAh7vm2KcyEg+g9c1XejxMRf5cN146D3O2HKJ5Wji31aN Q9PVogH7yz+grSzL5Hay4zsqwvB2saRCD4Tkr6xAoMuJOmKsUlC2HBxSlxj+0z2ez/4v rRVRP6yb4kRliBzb2UdDCqy+ApWN+WLra/mnDlv1YamVe3s0d/JU0kfQEffEvB0TvCEC TABPIvVX0rrfboDLDlBnpla8NT7mQZpqJFrERvFIPTC3OZjHB7x9psuigzs18cg6VLgN 3qzewP/kESSkBpHrWXeJ3ZxBly0hyndN+p9ORYcP8zWh62VCTfKfyeGjBAFP0nlzygrX 1fEQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@codeaurora.org header.s=default header.b=n/hXDBvk; dkim=pass header.i=@codeaurora.org header.s=default header.b=I8yPz+qc; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t135-v6si29186760pgc.524.2018.06.09.09.58.53; Sat, 09 Jun 2018 09:59:09 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@codeaurora.org header.s=default header.b=n/hXDBvk; dkim=pass header.i=@codeaurora.org header.s=default header.b=I8yPz+qc; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753463AbeFIQ63 (ORCPT + 99 others); Sat, 9 Jun 2018 12:58:29 -0400 Received: from smtp.codeaurora.org ([198.145.29.96]:60142 "EHLO smtp.codeaurora.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753426AbeFIQ62 (ORCPT ); Sat, 9 Jun 2018 12:58:28 -0400 Received: by smtp.codeaurora.org (Postfix, from userid 1000) id 44038608C8; Sat, 9 Jun 2018 16:58:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=codeaurora.org; s=default; t=1528563508; bh=BJiuEoj4dp7vlkanweuRE6GS3PpurrIC4N6m2glDG7U=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=n/hXDBvkSu7FLmSCN56jWW+1+ek2TiAFr1Tv3Biejm3vLzKgeiYfc6xv6q8TmNr5e rLZtLsL6nMI4ZZH/vYRC6bU1X3aG0wl+sppRSkc+BhhCSOjGgDmAYs8yECU2UgtmM/ qlofj6W7ivDH5jKwr7AqkFYSS0wZ22L85Cjj4bC0= X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on pdx-caf-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.8 required=2.0 tests=ALL_TRUSTED,BAYES_00, DKIM_SIGNED,T_DKIM_INVALID autolearn=no autolearn_force=no version=3.4.0 Received: from mail.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.codeaurora.org (Postfix) with ESMTP id 7D270607DC; Sat, 9 Jun 2018 16:58:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=codeaurora.org; s=default; t=1528563507; bh=BJiuEoj4dp7vlkanweuRE6GS3PpurrIC4N6m2glDG7U=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=I8yPz+qcXL1+TAMcsrYOMzhYlbG36ijxYPJwD4nCQYNcozvT/9xylsmHzFUKga8/w AbX5U9dPbzoxilskf1/MG5M4Ir+fGBq2sZHjjqaE9QaxezqR3BD4KiQSCOIdU1Kikj qcSYJHlYR66ZQaC7hrrxB9q+1iFvM/fzBMAtHXf4= MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Sat, 09 Jun 2018 12:58:27 -0400 From: okaya@codeaurora.org To: Anton Vasilyev Cc: Greg Kroah-Hartman , Johannes Thumshirn , Gaurav Pathak , Hannes Reinecke , devel@driverdev.osuosl.org, linux-kernel@vger.kernel.org, ldv-project@linuxtesting.org Subject: Re: [PATCH] staging: rts5208: add check on NULL before dereference In-Reply-To: <20180609163829.30619-1-vasilyev@ispras.ru> References: <20180609163829.30619-1-vasilyev@ispras.ru> Message-ID: X-Sender: okaya@codeaurora.org User-Agent: Roundcube Webmail/1.2.5 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2018-06-09 12:38, Anton Vasilyev wrote: > If rtsx_probe fails to allocate dev->chip, then NULL pointer > dereference occurs at rtsx_release_resources(). > > Patch adds checks chip on NULL before its dereference at > rtsx_release_resources and passing with dereference inside > rtsx_release_chip. > > Found by Linux Driver Verification project (linuxtesting.org). > > Signed-off-by: Anton Vasilyev > --- > drivers/staging/rts5208/rtsx.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/drivers/staging/rts5208/rtsx.c > b/drivers/staging/rts5208/rtsx.c > index 70e0b8623110..952dd0d580cf 100644 > --- a/drivers/staging/rts5208/rtsx.c > +++ b/drivers/staging/rts5208/rtsx.c > @@ -623,12 +623,13 @@ static void rtsx_release_resources(struct > rtsx_dev *dev) > I think you should bail out if dev->chip is null rather than adding conditiinals. > if (dev->irq > 0) > free_irq(dev->irq, (void *)dev); > - if (dev->chip->msi_en) > + if (dev->chip && dev->chip->msi_en) > pci_disable_msi(dev->pci); > if (dev->remap_addr) > iounmap(dev->remap_addr); > + if (dev->chip) > + rtsx_release_chip(dev->chip); > > - rtsx_release_chip(dev->chip); > kfree(dev->chip); > }