Re: [PATCH] firmware: edd: fix a NULL pointer dereference

2019-03-25 Thread Johannes Thumshirn 
On 23/03/2019 23:10, Kangjie Lu wrote:
> As other functions in this module do, edev should be checked to
> ensure that it is not NULL.
> The fix inserts such as check to avoid potential NULL pointer
> dereference.
> 
> Signed-off-by: Kangjie Lu 
> ---
>  drivers/firmware/edd.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/firmware/edd.c b/drivers/firmware/edd.c
> index 1b82c89a49df..7ebfaca53721 100644
> --- a/drivers/firmware/edd.c
> +++ b/drivers/firmware/edd.c
> @@ -279,6 +279,8 @@ static ssize_t
>  edd_show_mbr_signature(struct edd_device *edev, char *buf)
>  {
>   char *p = buf;
> + if (!edev)
> + return -EINVAL;


I don't think this can ever be NULL.

edd_show_mbr_signature() is called from edd_attr_show(), which
simplified looks like this:

define to_edd_device(obj) container_of(obj,struct edd_device,kobj)

edd_attr_show(struct kobject * kobj, struct attribute *attr, char *buf)
{
struct edd_device *dev = to_edd_device(kobj);
[...]

if (edd_attr->show)
ret = edd_attr->show(dev, buf);
[...]
}

The edd_device structure has the kobject embedded, otherwise the up-cast
won't work.

Byte,
Johannes
-- 
Johannes ThumshirnSUSE Labs Filesystems
jthumsh...@suse.de+49 911 74053 689
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Felix Imendörffer, Mary Higgins, Sri Rasiah
HRB 21284 (AG Nürnberg)
Key fingerprint = EC38 9CAB C2C4 F25D 8600 D0D0 0393 969D 2D76 0850

[PATCH] firmware: edd: fix a NULL pointer dereference

2019-03-23 Thread Kangjie Lu 
As other functions in this module do, edev should be checked to
ensure that it is not NULL.
The fix inserts such as check to avoid potential NULL pointer
dereference.

Signed-off-by: Kangjie Lu 
---
 drivers/firmware/edd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/firmware/edd.c b/drivers/firmware/edd.c
index 1b82c89a49df..7ebfaca53721 100644
--- a/drivers/firmware/edd.c
+++ b/drivers/firmware/edd.c
@@ -279,6 +279,8 @@ static ssize_t
 edd_show_mbr_signature(struct edd_device *edev, char *buf)
 {
char *p = buf;
+   if (!edev)
+   return -EINVAL;
p += scnprintf(p, left, "0x%08x\n", edev->mbr_signature);
return (p - buf);
 }
-- 
2.17.1