Re: [2.6 patch] drivers/net/wireless/libertas/fw.c: fix use-before-check
From: Eugene Teo
Date: Fri May 18 2007 - 23:12:39 EST
Hi John,
John W. Linville wrote:
> On Sat, May 19, 2007 at 01:06:49AM +0800, Eugene Teo wrote:
>> NULL checks should be performed before the dereference.
>>
>> Spotted by the Coverity checker.
>>
>> Signed-off-by: Eugene Teo <eteo@xxxxxxxxxx>
>
> This does not apply against 2.6.22-rc1. Please rediff and repost.
Ok. Here's a rediff against 2.6.22-rc1. Thanks.
--
NULL checks should be performed before the dereference.
Spotted by the Coverity checker.
Signed-off-by: Eugene Teo <eteo@xxxxxxxxxx>
diff -uprN -X 2.6.22-rc1/Documentation/dontdiff
2.6.22-rc1.orig/drivers/net/wireless/libertas/fw.c 2.6.22-rc1/drivers/net/wireless/libertas/fw.c
--- 2.6.22-rc1.orig/drivers/net/wireless/libertas/fw.c 2007-05-19 10:48:02.000000000 +0800
+++ 2.6.22-rc1/drivers/net/wireless/libertas/fw.c 2007-05-19 11:01:26.000000000 +0800
@@ -333,18 +333,22 @@ static void command_timer_fn(unsigned lo
unsigned long flags;
ptempnode = adapter->cur_cmd;
+ if (ptempnode == NULL) {
+ lbs_pr_debug(1, "PTempnode Empty\n");
+ return;
+ }
+
cmd = (struct cmd_ds_command *)ptempnode->bufvirtualaddr;
+ if (!cmd) {
+ lbs_pr_debug(1, "cmd is NULL\n");
+ return;
+ }
lbs_pr_info("command_timer_fn fired (%x)\n", cmd->command);
if (!adapter->fw_ready)
return;
- if (ptempnode == NULL) {
- lbs_pr_debug(1, "PTempnode Empty\n");
- return;
- }
-
spin_lock_irqsave(&adapter->driver_lock, flags);
adapter->cur_cmd = NULL;
spin_unlock_irqrestore(&adapter->driver_lock, flags);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/