[lvc-project] [PATCH] goku_udc: Add check for NULL in goku_irq
Alan Stern
stern at rowland.harvard.edu
Fri Feb 3 17:43:59 MSK 2023
On Fri, Feb 03, 2023 at 01:18:28PM +0300, Anastasia Belova wrote:
> Before dereferencing dev->driver check it for NULL.
>> If an interrupt handler is called after assigning
> NULL to dev->driver, but before resetting dev->int_enable,
> NULL-pointer will be dereferenced.
Wouldn't it be better just to set dev->driver to NULL _after_ resetting
dev->int_enable?
Alan Stern
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
> Signed-off-by: Anastasia Belova <abelova at astralinux.ru>
> ---
> drivers/usb/gadget/udc/goku_udc.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>> diff --git a/drivers/usb/gadget/udc/goku_udc.c b/drivers/usb/gadget/udc/goku_udc.c
> index bdc56b24b5c9..896bba8b47f1 100644
> --- a/drivers/usb/gadget/udc/goku_udc.c
> +++ b/drivers/usb/gadget/udc/goku_udc.c
> @@ -1616,8 +1616,9 @@ static irqreturn_t goku_irq(int irq, void *_dev)
> pm_next:
> if (stat & INT_USBRESET) { /* hub reset done */
> ACK(INT_USBRESET);
> - INFO(dev, "USB reset done, gadget %s\n",
> - dev->driver->driver.name);
> + if (dev->driver)
> + INFO(dev, "USB reset done, gadget %s\n",
> + dev->driver->driver.name);
> }
> // and INT_ERR on some endpoint's crc/bitstuff/... problem
> }
> --
> 2.30.2
>
More information about the lvc-project
mailing list