Received: by 2002:a05:6a10:17d3:0:0:0:0 with SMTP id hz19csp97218pxb; Wed, 14 Apr 2021 10:16:29 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzPLzv4+gdbCSjeYF0uDLWEAGs/U3F5uX3M4zbEIaS0ZXJCgo05rNJDfIIVyOZ9idK+2GWZ X-Received: by 2002:a17:902:a9c2:b029:e7:147f:76a1 with SMTP id b2-20020a170902a9c2b02900e7147f76a1mr39946413plr.5.1618420589254; Wed, 14 Apr 2021 10:16:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1618420589; cv=none; d=google.com; s=arc-20160816; b=SAnbKrS9FZ7ocqCjr35UcqDJ+JrICvTLI98lkFIsDoKctHRuUrZkJv2JUV1sPktF8M YwkUUdem8O1pqNjqjLR3EPk7cvmnMUCxuHiTXk3ZDtiHC4Dr0CErS0kCAZGkhugXuder /dRaUhtWGnXJBT/0neX5VnSvkKpqnEt8w05aPeTvucW+mVsPFumfSgyUZQSoMFDP5MEl Q1K/2sH8KiyhF6q8m7ntKtSGP/Gj+f9jq0ez4s7B10n6kHB5+OFU3r8Lsg86GT0LKDCp 8Nxvwrp3aJiPqTVjY8VYX36By1g64qzw12mrU5l95/unqwcJJYF4yB2/i+0/a+okb3Au qT1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=1gNdMZIY7k9qgwfrohIjWBJglr1iMiMfvSgX5G9T2aM=; b=mCnzKbOdW+pYaDcjYjlU3qTF+tSXOyYQ5pR6WKWHbB5ieu6wBdwbAHcZ8iRvb70iBp VsZS5KvrQQ7sXbFA8AJEdrg/N85wJ2rnYGDdWybalMits8f5lWuAQlHIvQdPLKHh7iBw ESHiTUciPSZw+fG1jz759aJEBW8leqsF5DZqzROPU8didMOhJfJcS4Vk6WCwAHBBnDXE eoySyttvV6uuRnAfzcQYfs+r56WMh/fv5aEFzJZI0TpKbmqDcc59XM6wXd29s3lEQdNj XMlMqwEKuJ/2bPyFOCU9ZXOiOnHnu6g1gJ8qRSPY+Wgckz1iv8etWBSb33nYXj32ICqd Pa6w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w1si164244pjr.61.2021.04.14.10.16.17; Wed, 14 Apr 2021 10:16:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352037AbhDNPZt (ORCPT + 99 others); Wed, 14 Apr 2021 11:25:49 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:41622 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346177AbhDNPZt (ORCPT ); Wed, 14 Apr 2021 11:25:49 -0400 Received: from mail-ej1-f72.google.com ([209.85.218.72]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1lWhOQ-0003HY-S3 for linux-kernel@vger.kernel.org; Wed, 14 Apr 2021 15:25:26 +0000 Received: by mail-ej1-f72.google.com with SMTP id p11so550838eju.2 for ; Wed, 14 Apr 2021 08:25:26 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=1gNdMZIY7k9qgwfrohIjWBJglr1iMiMfvSgX5G9T2aM=; b=pxuu9RoN6GgBzJNyhPUD3IFWZJcXCircszCLxh+QcnNwPAxRyWDEXA9VBRP1WoxiG8 hyc0Ss9LDX/v02QRodvPU9xgFVgRzCPW6/ZwCKvuNjDaQa8taLUgbeXjdFgV/u7VSowJ e3peWYbrv+Abovh5+Yo+thrrvdoz6S3bzQh8NiWt9vsdLInRodOV85cnwmNcXk8KmSF+ 91vLvU8MqA0bzLRwMUfQdJOiLTPIu3Lh/Z3Hh5tVY14eybaZa0LrCY9GpnZ/v2EW1X0D DQK1eCW9HbYU9n0GLCwACsO4BZt7xSp4VpjLvYE6BwDmAfd0ayvpZHsl6BdNvy+Oz4vp Nqfw== X-Gm-Message-State: AOAM5324xsfJlYCahtf5L1FTRgBtWU3uOGUvApNMXGEoEWI70ktQhMMp O4REX26h4XL+eSTphEd98gT97l2Cq0SMYiwa6rzK6NmgD1LJNDoNTij0hgDMt4FYrHhKnJguYs6 CTRYpxnoxK8/drP/Qt+SHj1kbM9BTNQ30btAVrgHLHg== X-Received: by 2002:aa7:d14a:: with SMTP id r10mr31775574edo.385.1618413926563; Wed, 14 Apr 2021 08:25:26 -0700 (PDT) X-Received: by 2002:aa7:d14a:: with SMTP id r10mr31775562edo.385.1618413926402; Wed, 14 Apr 2021 08:25:26 -0700 (PDT) Received: from [192.168.1.115] (xdsl-188-155-192-147.adslplus.ch. [188.155.192.147]) by smtp.gmail.com with ESMTPSA id n14sm6781032ejy.90.2021.04.14.08.25.25 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 14 Apr 2021 08:25:25 -0700 (PDT) Subject: Re: [PATCH 1/3] mmc: sdhci-s3c: fix possible NULL pointer dereference when probed via platform To: Ben Dooks , Jaehoon Chung , Adrian Hunter , Ulf Hansson , linux-mmc@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Marek Szyprowski , Sylwester Nawrocki References: <20210414151242.102313-1-krzysztof.kozlowski@canonical.com> From: Krzysztof Kozlowski Message-ID: Date: Wed, 14 Apr 2021 17:25:25 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: <20210414151242.102313-1-krzysztof.kozlowski@canonical.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 14/04/2021 17:12, Krzysztof Kozlowski wrote: > The driver can be matched by legacy platform way or OF-device matching. > In the first case, of_match_node() can return NULL, which immediately > would be dereferenced to get the match data. > > Addresses-Coverity: Dereference null return value > Fixes: cd1b00eb24b0 ("mmc: sdhci-s3c: Add device tree support") > Signed-off-by: Krzysztof Kozlowski > --- > > Not tested on HW, but the code should be equivalent (plus safer). > > drivers/mmc/host/sdhci-s3c.c | 12 +++--------- > 1 file changed, 3 insertions(+), 9 deletions(-) > > diff --git a/drivers/mmc/host/sdhci-s3c.c b/drivers/mmc/host/sdhci-s3c.c > index f48a788a9d3d..8e1dca625620 100644 > --- a/drivers/mmc/host/sdhci-s3c.c > +++ b/drivers/mmc/host/sdhci-s3c.c > @@ -20,6 +20,7 @@ > #include > #include > #include > +#include > #include > #include > #include > @@ -461,19 +462,12 @@ static int sdhci_s3c_parse_dt(struct device *dev, > } > #endif > > -#ifdef CONFIG_OF > -static const struct of_device_id sdhci_s3c_dt_match[]; > -#endif > - > static inline struct sdhci_s3c_drv_data *sdhci_s3c_get_driver_data( > struct platform_device *pdev) > { > #ifdef CONFIG_OF > - if (pdev->dev.of_node) { > - const struct of_device_id *match; > - match = of_match_node(sdhci_s3c_dt_match, pdev->dev.of_node); Now I have second thoughts whether NULL pointer can actually happen. If device is matched via platform/board files, maybe the pdev->dev.of_node will be NULL thus skipping this branch? Could there be a case where device is matched via platform_device_id() (which has different name than compatible!) and (pdev->dev.of_node) is still assigned? Maybe in case of out of tree DTS? Anyway, the patch makes the code simpler/smaller, so I still think it is reasonable. Just the severity of issue is questionable... Best regards, Krzysztof