Add null check before dereferencing pointer ver_packet.
Print error message and exit in case pointer ver_packet
is NULL.
Addresses-Coverity-ID: 1362295
Signed-off-by: Gustavo A. R. Silva <[email protected]>
---
drivers/tty/ipwireless/hardware.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/drivers/tty/ipwireless/hardware.c b/drivers/tty/ipwireless/hardware.c
index df0204b..20db99d 100644
--- a/drivers/tty/ipwireless/hardware.c
+++ b/drivers/tty/ipwireless/hardware.c
@@ -1515,6 +1515,13 @@ static void ipw_send_setup_packet(struct ipw_hardware *hw)
sizeof(struct ipw_setup_get_version_query_packet),
ADDR_SETUP_PROT, TL_PROTOCOLID_SETUP,
TL_SETUP_SIGNO_GET_VERSION_QRY);
+
+ if (!ver_packet) {
+ pr_err(IPWIRELESS_PCCARD_NAME
+ ": Not enough memory to send packet\n");
+ return;
+ }
+
ver_packet->header.length = sizeof(struct tl_setup_get_version_qry);
/*
--
2.5.0
On Mon, Jun 05, 2017 at 03:50:02PM -0500, Gustavo A. R. Silva wrote:
> Add null check before dereferencing pointer ver_packet.
> Print error message and exit in case pointer ver_packet
> is NULL.
And what next? The caller does not expect a failure and continues as if
the packet has been set up and sent and waiting for a response. This
will likely hang somewhere or just do nothing regarding
sending/receiving user packets. Failures of alloc_ctrl_packet are
handled elsewhere, even during the setup phase so this could be handled
more gracefully.