[PATCH 1/1] NET: irda, fix potential null dereference

From: Jiri Slaby
Date: Sun Jan 10 2010 - 04:11:23 EST

Next message: Geert Uytterhoeven: ""m68k: Cleanup linker scripts using new linker script macros." and old binutils (was: Re: [PATCH] m68k: Atari EtherNAT - Nicolas Pitre has a new email address)"
Previous message: Jiri Slaby: "[PATCH 1/1] NET: ipv6, fix potential null dereference"
Next in thread: Jiri Slaby: "[PATCH 1/1] NET: irda, remove unnecessary checks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Stanse found a potential null dereference in ircomm_tty_close
and ircomm_tty_hangup. There is a check for tty being NULL,
but it is dereferenced earlier. Move the dereference after
the check.

Signed-off-by: Jiri Slaby <jslaby@xxxxxxx>
Cc: Samuel Ortiz <samuel@xxxxxxxxxx>
Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
Cc: Alan Cox <alan@xxxxxxxxxxxxxxx>
Cc: Greg Kroah-Hartman <gregkh@xxxxxxx>
Cc: netdev@xxxxxxxxxxxxxxx
---
net/irda/ircomm/ircomm_tty.c | 14 +++++++++-----
1 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/net/irda/ircomm/ircomm_tty.c b/net/irda/ircomm/ircomm_tty.c
index 811984d..42a7d75 100644
--- a/net/irda/ircomm/ircomm_tty.c
+++ b/net/irda/ircomm/ircomm_tty.c
@@ -491,7 +491,7 @@ static int ircomm_tty_open(struct tty_struct *tty, struct file *filp)
*/
static void ircomm_tty_close(struct tty_struct *tty, struct file *filp)
{
- struct ircomm_tty_cb *self = (struct ircomm_tty_cb *) tty->driver_data;
+ struct ircomm_tty_cb *self;
unsigned long flags;

IRDA_DEBUG(0, "%s()\n", __func__ );
@@ -499,6 +499,8 @@ static void ircomm_tty_close(struct tty_struct *tty, struct file *filp)
if (!tty)
return;

+ self = tty->driver_data;
+
IRDA_ASSERT(self != NULL, return;);
IRDA_ASSERT(self->magic == IRCOMM_TTY_MAGIC, return;);

@@ -999,17 +1001,19 @@ static void ircomm_tty_shutdown(struct ircomm_tty_cb *self)
*/
static void ircomm_tty_hangup(struct tty_struct *tty)
{
- struct ircomm_tty_cb *self = (struct ircomm_tty_cb *) tty->driver_data;
+ struct ircomm_tty_cb *self;
unsigned long flags;

IRDA_DEBUG(0, "%s()\n", __func__ );

- IRDA_ASSERT(self != NULL, return;);
- IRDA_ASSERT(self->magic == IRCOMM_TTY_MAGIC, return;);
-
if (!tty)
return;

+ self = tty->driver_data;
+
+ IRDA_ASSERT(self != NULL, return;);
+ IRDA_ASSERT(self->magic == IRCOMM_TTY_MAGIC, return;);
+
/* ircomm_tty_flush_buffer(tty); */
ircomm_tty_shutdown(self);

--
1.6.5.7

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Geert Uytterhoeven: ""m68k: Cleanup linker scripts using new linker script macros." and old binutils (was: Re: [PATCH] m68k: Atari EtherNAT - Nicolas Pitre has a new email address)"
Previous message: Jiri Slaby: "[PATCH 1/1] NET: ipv6, fix potential null dereference"
Next in thread: Jiri Slaby: "[PATCH 1/1] NET: irda, remove unnecessary checks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]