Patchwork rtc: max8998: Check for pdata presence before dereferencing

login
register
mail settings
Submitter Tomasz Figa
Date May 15, 2013, 3:16 p.m.
Message ID <1368630968-30460-1-git-send-email-t.figa@samsung.com>
Download mbox | patch
Permalink /patch/244108/
State New
Headers show

Comments

Tomasz Figa - May 15, 2013, 3:16 p.m.
Currently the driver can crash with a NULL pointer dereference if no pdata
is provided, despite of successful registration of MFD part. This patch
fixes the problem by adding a NULL check before dereferencing the pdata
pointer.

Signed-off-by: Tomasz Figa <t.figa@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
---
 drivers/rtc/rtc-max8998.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Sachin Kamat - May 15, 2013, 4:12 p.m.
CCing Andrew Morton.

On 15 May 2013 20:46, Tomasz Figa <t.figa@samsung.com> wrote:
> Currently the driver can crash with a NULL pointer dereference if no pdata
> is provided, despite of successful registration of MFD part. This patch
> fixes the problem by adding a NULL check before dereferencing the pdata
> pointer.
>
> Signed-off-by: Tomasz Figa <t.figa@samsung.com>
> Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
> ---
>  drivers/rtc/rtc-max8998.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/rtc/rtc-max8998.c b/drivers/rtc/rtc-max8998.c
> index 48b6612..d5af7ba 100644
> --- a/drivers/rtc/rtc-max8998.c
> +++ b/drivers/rtc/rtc-max8998.c
> @@ -285,7 +285,7 @@ static int max8998_rtc_probe(struct platform_device *pdev)
>                         info->irq, ret);
>
>         dev_info(&pdev->dev, "RTC CHIP NAME: %s\n", pdev->id_entry->name);
> -       if (pdata->rtc_delay) {
> +       if (pdata && pdata->rtc_delay) {
>                 info->lp3974_bug_workaround = true;
>                 dev_warn(&pdev->dev, "LP3974 with RTC REGERR option."
>                                 " RTC updates will be extremely slow.\n");
> --
> 1.8.2.1
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-samsung-soc" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
Tomasz Figa - May 20, 2013, 8:05 p.m.
Hi Alessandro,

On Wednesday 15 of May 2013 17:16:08 Tomasz Figa wrote:
> Currently the driver can crash with a NULL pointer dereference if no
> pdata is provided, despite of successful registration of MFD part. This
> patch fixes the problem by adding a NULL check before dereferencing the
> pdata pointer.
> 
> Signed-off-by: Tomasz Figa <t.figa@samsung.com>
> Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
> ---
>  drivers/rtc/rtc-max8998.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/rtc/rtc-max8998.c b/drivers/rtc/rtc-max8998.c
> index 48b6612..d5af7ba 100644
> --- a/drivers/rtc/rtc-max8998.c
> +++ b/drivers/rtc/rtc-max8998.c
> @@ -285,7 +285,7 @@ static int max8998_rtc_probe(struct platform_device
> *pdev) info->irq, ret);
> 
>  	dev_info(&pdev->dev, "RTC CHIP NAME: %s\n", pdev->id_entry->name);
> -	if (pdata->rtc_delay) {
> +	if (pdata && pdata->rtc_delay) {
>  		info->lp3974_bug_workaround = true;
>  		dev_warn(&pdev->dev, "LP3974 with RTC REGERR option."
>  				" RTC updates will be extremely slow.\n");

Since this is a fix, could you apply this patch to your fixes branch for 
3.10-rc2, please?

Best regards,
Tomasz
Andrew Morton - May 23, 2013, 11:55 p.m.
On Wed, 15 May 2013 17:16:08 +0200 Tomasz Figa <t.figa@samsung.com> wrote:

> Currently the driver can crash with a NULL pointer dereference if no pdata
> is provided, despite of successful registration of MFD part. This patch
> fixes the problem by adding a NULL check before dereferencing the pdata
> pointer.
> 
> ...
>
> --- a/drivers/rtc/rtc-max8998.c
> +++ b/drivers/rtc/rtc-max8998.c
> @@ -285,7 +285,7 @@ static int max8998_rtc_probe(struct platform_device *pdev)
>  			info->irq, ret);
>  
>  	dev_info(&pdev->dev, "RTC CHIP NAME: %s\n", pdev->id_entry->name);
> -	if (pdata->rtc_delay) {
> +	if (pdata && pdata->rtc_delay) {
>  		info->lp3974_bug_workaround = true;
>  		dev_warn(&pdev->dev, "LP3974 with RTC REGERR option."
>  				" RTC updates will be extremely slow.\n");

Looking at your description I'm unable to determine which kernel
versions we should fix.  This is because the changelog didn't describe
the circumstances under which the bug triggers.

It's pretty simple: when fixing a bug, include a full description of
the bug!  As if you were sending a bug report, not a patch.

Patch

diff --git a/drivers/rtc/rtc-max8998.c b/drivers/rtc/rtc-max8998.c
index 48b6612..d5af7ba 100644
--- a/drivers/rtc/rtc-max8998.c
+++ b/drivers/rtc/rtc-max8998.c
@@ -285,7 +285,7 @@  static int max8998_rtc_probe(struct platform_device *pdev)
 			info->irq, ret);
 
 	dev_info(&pdev->dev, "RTC CHIP NAME: %s\n", pdev->id_entry->name);
-	if (pdata->rtc_delay) {
+	if (pdata && pdata->rtc_delay) {
 		info->lp3974_bug_workaround = true;
 		dev_warn(&pdev->dev, "LP3974 with RTC REGERR option."
 				" RTC updates will be extremely slow.\n");