author | chloedai <chloedai@google.com> | 2021-11-16 07:41:08 +0000 |
---|---|---|
committer | chloedai <chloedai@google.com> | 2021-11-18 03:20:57 +0000 |
commit | 9f506bb9c8f365708df29ffac4164c1b6e30f340 (patch) | |
tree | edc12200ac01a8978d8db4f7eb5766146267ec91 | |
parent | 08886a0ea9d89d22f911d663d55b9fff2b8a3846 (diff) | |
Fix the problem of dereferencing a NULL pointer
The pointer st33spi is dereferenced even when the preceding check
found it to be NULL. Isolate the condition st33spi == NULL and return
errno ENODEV
Bug: 205943658
Bug: 205950808
Bug: 205950761
Test: Manual
Change-Id: I23642ef8a8261de11aa58e5c9ff2e30476062009
-rw-r--r-- | ese/st33spi.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/ese/st33spi.c b/ese/st33spi.c
index 825d186..d72ccbd 100644
--- a/ese/st33spi.c
+++ b/ese/st33spi.c
@@ -287,7 +287,10 @@ static ssize_t st33spi_read(struct file *filp, char __user *buf, size_t count,
 st33spi = filp->private_data;
- if (st33spi == NULL || !st33spi->spi_state) {
+ if (st33spi == NULL)
+ return -ENODEV;
+
+ if (!st33spi->spi_state) {
 dev_warn(&st33spi->spi->dev, "st33spi: spi is not enabled, abort read process\n");
 return -EFAULT;
 }
@@ -326,7 +329,10 @@ static ssize_t st33spi_write(struct file *filp, const char __user *buf,
 st33spi = filp->private_data;
- if (st33spi == NULL || !st33spi->spi_state) {
+ if (st33spi == NULL)
+ return -ENODEV;
+
+ if (!st33spi->spi_state) {
 dev_warn(&st33spi->spi->dev, "st33spi: spi is not enabled, abort write process\n");
 return -EFAULT;
 }
@@ -796,7 +802,7 @@ static long st33spi_compat_ioctl(struct file *filp, unsigned int cmd,
 static int st33spi_open(struct inode *inode, struct file *filp)
 {
- struct st33spi_data *st33spi;
+ struct st33spi_data *st33spi = NULL;
 int status = -ENXIO;
 mutex_lock(&device_list_lock);
@@ -808,13 +814,16 @@ static int st33spi_open(struct inode *inode, struct file *filp)
 }
 }
+ if (st33spi == NULL)
+ return -ENODEV;
+
 if (status) {
 dev_dbg(&st33spi->spi->dev, "st33spi: nothing for minor %d\n", iminor(inode));
 goto err_find_dev;
 }
- if (st33spi == NULL || !st33spi->spi_state) {
+ if (!st33spi->spi_state) {
 dev_warn(&st33spi->spi->dev, "st33spi: spi is not enabled, abort open process\n");
 mutex_unlock(&device_list_lock); |
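Review bot: The `dev_warn` in the `!st33spi->spi_state` branch of st33spi_read fires on every read() issued while SPI is disabled and is not rate-limited, so a caller holding the device open can flood the kernel log; `dev_warn_ratelimited(&st33spi->spi->dev, ...)` would bound that. The same applies to the matching branch in the st33spi_write hunk. The new NULL branch returns `-ENODEV` with no log while the disabled branch returns `-EFAULT`, which userspace normally reads as a bad buffer address, so a short comment stating why the two cases get different errnos would help. Both function bodies continue outside the hunks.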
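Review bot: The added `if (st33spi == NULL) return -ENODEV;` in st33spi_open returns with `device_list_lock` still held: the mutex is taken at the top of the function, and every other exit visible here either calls `mutex_unlock(&device_list_lock)` or jumps to `err_find_dev`. After one such return, later opens would block on the mutex. Release it before returning, e.g. `if (st33spi == NULL) { mutex_unlock(&device_list_lock); return -ENODEV; }`. The lookup loop is outside the hunk; if it is a `list_for_each_entry` walk, the cursor is not NULL after a miss, so the `status` branch's `dev_dbg(&st33spi->spi->dev, ...)` would still dereference an invalid pointer, and the NULL initializer alone would not prevent that.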