Patchwork [1/1] mtd: physmap_of: fix illegal dereference

login
register
mail settings
Submitter Stef van Os
Date Jan. 17, 2013, 6:22 p.m.
Message ID <1358446932-7238-1-git-send-email-stef.van.os@prodrive.nl>
Download mbox | patch
Permalink /patch/213344/
State New
Headers show

Comments

Stef van Os - Jan. 17, 2013, 6:22 p.m.
d68cbdd introduced a new way of getting the name of an mtd
partion. The character pointer is not initialized, and only
checked against NULL, not at other random garbage.
This patch fixes the resulting panic.

Signed-off-by: Stef van Os <stef.van.os@prodrive.nl>
---
 drivers/mtd/maps/physmap_of.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
Artem Bityutskiy - Feb. 1, 2013, 4:54 p.m.
On Thu, 2013-01-17 at 19:22 +0100, Stef van Os wrote:
> d68cbdd introduced a new way of getting the name of an mtd
> partion. The character pointer is not initialized, and only
> checked against NULL, not at other random garbage.
> This patch fixes the resulting panic.
> 
> Signed-off-by: Stef van Os <stef.van.os@prodrive.nl>

A similar fix already sits in the mtd tree:

http://git.infradead.org/mtd-2.6.git/commit/7dfe4be351e81656ca1068e5d4ead235c7ba94b1
Stef van Os - Feb. 1, 2013, 5:10 p.m.
On 02/01/2013 05:54 PM, Artem Bityutskiy wrote:
> On Thu, 2013-01-17 at 19:22 +0100, Stef van Os wrote:
>> d68cbdd introduced a new way of getting the name of an mtd
>> partion. The character pointer is not initialized, and only
>> checked against NULL, not at other random garbage.
>> This patch fixes the resulting panic.
>>
>> Signed-off-by: Stef van Os<stef.van.os@prodrive.nl>
> A similar fix already sits in the mtd tree:
>
> http://git.infradead.org/mtd-2.6.git/commit/7dfe4be351e81656ca1068e5d4ead235c7ba94b1
>
Ah, sorry, I wasn't aware of this. But, as long as some fix for this 
issue makes it into mainline, I'm happy :)

Patch

diff --git a/drivers/mtd/maps/physmap_of.c b/drivers/mtd/maps/physmap_of.c
index 67cc73c..7901d72 100644
--- a/drivers/mtd/maps/physmap_of.c
+++ b/drivers/mtd/maps/physmap_of.c
@@ -170,7 +170,7 @@  static int of_flash_probe(struct platform_device *dev)
 	resource_size_t res_size;
 	struct mtd_part_parser_data ppdata;
 	bool map_indirect;
-	const char *mtd_name;
+	const char *mtd_name = NULL;
 
 	match = of_match_device(of_flash_match, &dev->dev);
 	if (!match)