From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: "Wood, Brian J" Date: Tue, 19 Mar 2019 10:04:22 -0700 Subject: [PATCH] media: pci: Check pointer validity before use This commit addresses some use cases where pointer is used without first checking is valid. Tracked-On:PKT-1816 Change-Id: I02f2e67ec8317740156b2415b08750e292debc1d Signed-off-by: Wood, Brian J --- drivers/media/pci/intel/ipu-wrapper.c | 31 +++++++++++++++++++-------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/drivers/media/pci/intel/ipu-wrapper.c b/drivers/media/pci/intel/ipu-wrapper.c index f2a70cb..b9520d5 100644 --- a/drivers/media/pci/intel/ipu-wrapper.c +++ b/drivers/media/pci/intel/ipu-wrapper.c @@ -224,8 +224,12 @@ u64 shared_memory_alloc(unsigned int mmid, size_t bytes) struct my_css_memory_buffer_item *buf; unsigned long flags; - if (mine) - dev_dbg(mine->dev, "%s: in, size: %zu\n", __func__, bytes); + if (!mine) { + pr_err("Invalid mem subsystem, return. mmid=%d", mmid); + return 0; + } + + dev_dbg(mine->dev, "%s: in, size: %zu\n", __func__, bytes); if (!bytes) return (unsigned long)&alloc_cookie; @@ -315,7 +319,7 @@ u32 shared_memory_map(unsigned int ssid, unsigned int mmid, u64 addr) if (!mine) { pr_err("Invalid mem subsystem, return NULL. mmid=%d", mmid); - return NULL; + return 0; } if ((void *)(unsigned long)addr == &alloc_cookie) @@ -403,9 +407,14 @@ void shared_memory_store(unsigned int mmid, u64 addr, const void *data, "access: %s: Enter addr = 0x%lx bytes = 0x%zx\n", __func__, (unsigned long)addr, bytes); - if (!data && get_mem_sub_system(mmid)) { - dev_err(get_mem_sub_system(mmid)->dev, - "%s: data ptr is null\n", __func__); + if (!data) { + if (get_mem_sub_system(mmid)) + dev_err(get_mem_sub_system(mmid)->dev, + "%s: data ptr is null\n", __func__); + else + pr_err("data ptr is null. mmid=%d\n", mmid); + + return; } else { const u8 *pdata = data; u8 *paddr = (u8 *)(unsigned long)addr; @@ -499,10 +508,14 @@ void shared_memory_load(unsigned int mmid, u64 addr, void *data, size_t bytes) "access: %s: Enter addr = 0x%lx bytes = 0x%zx\n", __func__, (unsigned long)addr, bytes); - if (!data && get_mem_sub_system(mmid)) { - dev_err(get_mem_sub_system(mmid)->dev, - "%s: data ptr is null\n", __func__); + if (!data) { + if (get_mem_sub_system(mmid)) + dev_err(get_mem_sub_system(mmid)->dev, + "%s: data ptr is null\n", __func__); + else + pr_err("data ptr is null. mmid=%d\n", mmid); + return; } else { u8 *pdata = data; u8 *paddr = (u8 *)(unsigned long)addr; -- https://clearlinux.org