[1/1] mtd: physmap_of: fix illegal dereference

Submitted by Stef van Os on Jan. 17, 2013, 6:22 p.m.

Details

Message ID 1358446932-7238-1-git-send-email-stef.van.os@prodrive.nl
State New, archived
Headers show

Commit Message

Stef van Os Jan. 17, 2013, 6:22 p.m.
d68cbdd introduced a new way of getting the name of an mtd
partion. The character pointer is not initialized, and only
checked against NULL, not at other random garbage.
This patch fixes the resulting panic.

Signed-off-by: Stef van Os <stef.van.os@prodrive.nl>
---
 drivers/mtd/maps/physmap_of.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

Comments

Artem Bityutskiy Feb. 1, 2013, 4:54 p.m.
On Thu, 2013-01-17 at 19:22 +0100, Stef van Os wrote:
> d68cbdd introduced a new way of getting the name of an mtd
> partion. The character pointer is not initialized, and only
> checked against NULL, not at other random garbage.
> This patch fixes the resulting panic.
> 
> Signed-off-by: Stef van Os <stef.van.os@prodrive.nl>

A similar fix already sits in the mtd tree:

http://git.infradead.org/mtd-2.6.git/commit/7dfe4be351e81656ca1068e5d4ead235c7ba94b1
Stef van Os Feb. 1, 2013, 5:10 p.m.
On 02/01/2013 05:54 PM, Artem Bityutskiy wrote:
> On Thu, 2013-01-17 at 19:22 +0100, Stef van Os wrote:
>> d68cbdd introduced a new way of getting the name of an mtd
>> partion. The character pointer is not initialized, and only
>> checked against NULL, not at other random garbage.
>> This patch fixes the resulting panic.
>>
>> Signed-off-by: Stef van Os<stef.van.os@prodrive.nl>
> A similar fix already sits in the mtd tree:
>
> http://git.infradead.org/mtd-2.6.git/commit/7dfe4be351e81656ca1068e5d4ead235c7ba94b1
>
Ah, sorry, I wasn't aware of this. But, as long as some fix for this 
issue makes it into mainline, I'm happy :)

Patch hide | download patch | download mbox

diff --git a/drivers/mtd/maps/physmap_of.c b/drivers/mtd/maps/physmap_of.c
index 67cc73c..7901d72 100644
--- a/drivers/mtd/maps/physmap_of.c
+++ b/drivers/mtd/maps/physmap_of.c
@@ -170,7 +170,7 @@  static int of_flash_probe(struct platform_device *dev)
 	resource_size_t res_size;
 	struct mtd_part_parser_data ppdata;
 	bool map_indirect;
-	const char *mtd_name;
+	const char *mtd_name = NULL;
 
 	match = of_match_device(of_flash_match, &dev->dev);
 	if (!match)