diff mbox

[1/2] NFC: delete null dereference

Message ID 1445074340-21955-2-git-send-email-Julia.Lawall@lip6.fr
State Awaiting Upstream, archived
Delegated to: David Miller
Headers show

Commit Message

Julia Lawall Oct. 17, 2015, 9:32 a.m. UTC 
The exit label performs device_unlock(&dev->dev);, which will fail when dev
is NULL, and nfc_put_device(dev);, which is not useful when dev is NULL, so
just exit the function immediately.

Problem found using scripts/coccinelle/null/deref_null.cocci

Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>

---
 net/nfc/netlink.c |    6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

Dan Carpenter Oct. 19, 2015, 12:57 p.m. UTC | #1 
The next goto after that is messed up as well:

  1056          dev = nfc_get_device(idx);
  1057          if (!dev)
  1058                  return -ENODEV;
  1059  
  1060          device_lock(&dev->dev);
  1061  
  1062          local = nfc_llcp_find_local(dev);
  1063          if (!local) {
  1064                  nfc_put_device(dev);

It should not call nfc_put_device() because that happens after goto
exit.

  1065                  rc = -ENODEV;
  1066                  goto exit;
  1067          }

regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Samuel Ortiz Oct. 20, 2015, 4:50 a.m. UTC | #2 
Hi Julia,

On Sat, Oct 17, 2015 at 11:32:19AM +0200, Julia Lawall wrote:
> The exit label performs device_unlock(&dev->dev);, which will fail when dev
> is NULL, and nfc_put_device(dev);, which is not useful when dev is NULL, so
> just exit the function immediately.
> 
> Problem found using scripts/coccinelle/null/deref_null.cocci
> 
> Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
> 
> ---
>  net/nfc/netlink.c |    6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
Applied to nfc-next, thanks.

Cheers,
Samuel.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/net/nfc/netlink.c b/net/nfc/netlink.c
index 853172c..f040532 100644
--- a/net/nfc/netlink.c
+++ b/net/nfc/netlink.c
@@ -1109,10 +1109,8 @@  static int nfc_genl_llc_sdreq(struct sk_buff *skb, struct genl_info *info)
 	idx = nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]);
 
 	dev = nfc_get_device(idx);
-	if (!dev) {
-		rc = -ENODEV;
-		goto exit;
-	}
+	if (!dev)
+		return -ENODEV;
 
 	device_lock(&dev->dev);