Received: by 2002:a05:6a10:c604:0:0:0:0 with SMTP id y4csp4467749pxt; Wed, 11 Aug 2021 06:49:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwefllu6XcMfs2NCAiI69zsA5x7AvTI4jXDhwDeCrg0KbPem1fgbCtYRKKooow7VsZbpsMH X-Received: by 2002:a05:6402:50:: with SMTP id f16mr11406963edu.346.1628689760665; Wed, 11 Aug 2021 06:49:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1628689760; cv=none; d=google.com; s=arc-20160816; b=0Toj1vAXt4NMKj75vIfNwN/fIJtja+9/Y0ezcJcQV8MA4mJ6xlp45wAjux5PtKEoem k7GMwNhlJghKy2R7fVqFj7mwQRMUZsrTJk38jLVPcc02GsCrm376twpNf2lJBPtpEuJe quRrcXRsLx7aoN8FTo6gCl0diL4KzWIhryJ/8+UWaZDtJWhU3BgvfsVcB02bUnikL8cp eN5c/2tW3NNrGU9dL9jgtEDl1DJoO6cItKaJ5cZP2lfuB433CVCpXt2YuUNsYec6N3A+ JUrVpTqiMk8iaLT3f8XJ3ysm5EY/b7BbftaHwjyZ/CeeYYo7BNNtgrg5HnO7oF78ZmeP //fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=GFsLrpkcVnHQAcI9LO6wyCFOtOWqn6o7HFSxtLHjjvU=; b=MwFKM8wNhhSDrgVkO0n0vvf8nUVEy7WCJpx0/NcAUBkZHPywvqYEknch87Fru0UxOB 10sBBl0RDeQTRMQJAZ0/EkQnDBrBNBYtV16YTOMSuyPQXj6o6jFQHDC+jhQFz7tAMqF3 /SJ/qMXOxwrvPdpbw9qscIpKX8xillzNFXjgR44v92CluPXzM1exG2VtTNK1JEkksXGZ nnxwei9DFik+A9sF5iM6UFlTjFrx7qWqcFxRstGIoyhcPRlxa1KBKlnQPsxvLxABMgUd OqRFmEE5D8kCOM0sKlous7bevP2To11DQ9OMDEGpgKmN10DOENQhKQr8WshN1DbFNOnC Bp7g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ragnatech-se.20150623.gappssmtp.com header.s=20150623 header.b=KCrGeOVE; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dt20si2957926ejc.159.2021.08.11.06.48.53; Wed, 11 Aug 2021 06:49:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@ragnatech-se.20150623.gappssmtp.com header.s=20150623 header.b=KCrGeOVE; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231176AbhHKNqJ (ORCPT + 99 others); Wed, 11 Aug 2021 09:46:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47766 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231240AbhHKNqI (ORCPT ); Wed, 11 Aug 2021 09:46:08 -0400 Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E15DFC061765 for ; Wed, 11 Aug 2021 06:45:44 -0700 (PDT) Received: by mail-lf1-x135.google.com with SMTP id g30so5876945lfv.4 for ; Wed, 11 Aug 2021 06:45:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ragnatech-se.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to; bh=GFsLrpkcVnHQAcI9LO6wyCFOtOWqn6o7HFSxtLHjjvU=; b=KCrGeOVEN0pWbe2RdBYdpRxYelobeG+W/B1dX6vvROlFe1zePluh6zndsGEXbiVQG+ Yo/g/nuafosL4mPPipY0ghaubJLiZYIF6jPtgfuWZWJyALsWpG9BWsETK28WxOs/f0KK KcwGYYZFYAJC9ZvECQYupjVjq+ajk85A2Jtd862R3xxIbP+p7mPhpx8FPogLYdcNr+6+ PZcHSDIlrMKgNH+/RsriCcomjD5z5oKnTG5rT65qjTfRLNh5dWboTr9Tim0opPLsf7Ud Ju68rI5iij5XNDJGKZdh5jXxoscX090Un1xDy5V2HSnKdzqD+vqi65BpHPtpAVRYPQUg u46Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to; bh=GFsLrpkcVnHQAcI9LO6wyCFOtOWqn6o7HFSxtLHjjvU=; b=RDSWVi1UX1XK/peQ5r+uVkTDuebdJbZRr82V7cC09oa2s0j5AiXrWwrl2joqexNWDr ewafdHUixsvve4OXxH1L4qMo/12EB9yzEupHlYcogjmN0wJgBG1XQusFv6LV21+zwJJL QTtmbon7hSCCAPjdtK4vHFirxM0rVFYqS70UsozeRI0A6pm0/dW4U+mv44sH5Pd1YjrG ujaTWbJ1HQhDGxh6L2aAKMxk9fJukqssIUMfnp8NL2C/O70jc2oKGgueXLOW8/ModWzh tydneVH7p5gG9c/S0vfhAmKyIqbAsQkd4ubyRzxkOU8baXsokSjpDjyMMjJJc+pKSfRb Qrgw== X-Gm-Message-State: AOAM531ZwGGlNLMSVieaOP3z9UEKdMh0S0a4Xto+ea7wLToTlKP26TzD CMmcDlmNlLIhNcoity5m73jqaA== X-Received: by 2002:a05:6512:3b3:: with SMTP id v19mr1731028lfp.10.1628689543315; Wed, 11 Aug 2021 06:45:43 -0700 (PDT) Received: from localhost (h-46-59-88-219.A463.priv.bahnhof.se. [46.59.88.219]) by smtp.gmail.com with ESMTPSA id b42sm2353668lfv.135.2021.08.11.06.45.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Aug 2021 06:45:42 -0700 (PDT) Date: Wed, 11 Aug 2021 15:45:42 +0200 From: Niklas =?iso-8859-1?Q?S=F6derlund?= To: Nadezda Lutovinova Cc: Mauro Carvalho Chehab , linux-media@vger.kernel.org, linux-renesas-soc@vger.kernel.org, linux-kernel@vger.kernel.org, ldv-project@linuxtesting.org Subject: Re: [PATCH] media: rcar-csi2: Add checking to rcsi2_start_receiver(). Message-ID: References: <20210811133142.13363-1-lutovinova@ispras.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20210811133142.13363-1-lutovinova@ispras.ru> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Nadezda, Thanks for your work. On 2021-08-11 16:31:42 +0300, Nadezda Lutovinova wrote: > If rcsi2_code_to_fmt() return NULL, > then null pointer dereference occurs in the next cycle. > The patch adds checking if format is NULL. > > Found by Linux Driver Verification project (linuxtesting.org). Please drop the '.' at the end of the patch subject. Also the commit message could be better line wrapped. > > Signed-off-by: Nadezda Lutovinova > --- > drivers/media/platform/rcar-vin/rcar-csi2.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/drivers/media/platform/rcar-vin/rcar-csi2.c b/drivers/media/platform/rcar-vin/rcar-csi2.c > index e28eff039688..55bb584d2a13 100644 > --- a/drivers/media/platform/rcar-vin/rcar-csi2.c > +++ b/drivers/media/platform/rcar-vin/rcar-csi2.c > @@ -553,6 +553,12 @@ static int rcsi2_start_receiver(struct rcar_csi2 *priv) > > /* Code is validated in set_fmt. */ > format = rcsi2_code_to_fmt(priv->mf.code); > + if (!format) { This can never happen ;-) The only place priv->mf.code is set (after probe) is in rcsi2_set_pad_format() and there it explicitly checks if rcsi2_code_to_fmt() returns NULl and if so sets it to something that guarantees it will not. Think of it as the verification is done at format configuration time so we don't have to have check it at start time. The reason for this is that we can't do much about a failure here other then fail the start while at configure time we can try to correct it and inform the user of the change. That being said, I'm not oppose to fail the start here if we ever do introduce a bug here where rcsi2_code_to_fmt() would return NULL here. But I would like to drop the dev_err() here and just return -EINVAL. I would mention in the commit message that this protects from future bugs. > + dev_err(priv->dev, > + "Incorrect mbus frame format code %u\n", > + priv->mf.code); > + return -EINVAL; > + } > > /* > * Enable all supported CSI-2 channels with virtual channel and > -- > 2.17.1 > -- Regards, Niklas S?derlund