From patchwork Thu Jan 6 14:05:36 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dan Carpenter X-Patchwork-Id: 77713 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from canuck.infradead.org (canuck.infradead.org [134.117.69.58]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by ozlabs.org (Postfix) with ESMTPS id 9663CB70A9 for ; Fri, 7 Jan 2011 01:10:41 +1100 (EST) Received: from localhost ([127.0.0.1] helo=canuck.infradead.org) by canuck.infradead.org with esmtp (Exim 4.72 #1 (Red Hat Linux)) id 1PaqTf-0003MR-5q; Thu, 06 Jan 2011 14:06:07 +0000 Received: from mail-ww0-f49.google.com ([74.125.82.49]) by canuck.infradead.org with esmtp (Exim 4.72 #1 (Red Hat Linux)) id 1PaqTQ-0003Jg-27; Thu, 06 Jan 2011 14:05:53 +0000 Received: by wwb17 with SMTP id 17so17918020wwb.18 for ; Thu, 06 Jan 2011 06:05:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:cc:subject :message-id:mail-followup-to:references:mime-version:content-type :content-disposition:in-reply-to:user-agent; bh=J2B+UEZngMy9u7xm6Ling+PkYIo5bS57w/rZnp0JC/U=; b=KO1c2fll3HqiMRw9cFTMFtACeUcExteR/BlHVZPtploGAevewsI9vUQeY4JzjG0kcg +6s9XXJ8giYvfIjPY/9q7cOq2x7DJ71NHVD3NvumjxQFhW5CISxjDBCbezJ5HPjFX3nt xefCR4u3k6OEgkN7PTy6GjXU0YiqR77jdWRiA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-type:content-disposition:in-reply-to :user-agent; b=CNH2CGgTByenjz0lyb7YqCjPxhQ55hhTP3R7PcVMShxmU59Yd2RaYGvQVRWpl6Kb1N +ktYAmMdadGUUdpKC6ShhftiQzwvwnKP8DXBZT8l9iCZR4cKNn59lfP8qiVCNy9AUEo4 yD5TIUTF02C/aqG7jAyZDB+CvbMZES18MQxDY= Received: by 10.216.56.65 with SMTP id l43mr540073wec.113.1294322750108; Thu, 06 Jan 2011 06:05:50 -0800 (PST) Received: from bicker ([41.202.225.146]) by mx.google.com with ESMTPS id p49sm10710037wes.18.2011.01.06.06.05.44 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 06 Jan 2011 06:05:48 -0800 (PST) Date: Thu, 6 Jan 2011 17:05:36 +0300 From: Dan Carpenter To: Sven Neumann Subject: [patch v2] mtd: pxa3xx_nand: NULL dereference in pxa3xx_nand_probe Message-ID: <20110106140536.GB1717@bicker> Mail-Followup-To: Dan Carpenter , Sven Neumann , linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-mtd@lists.infradead.org, Daniel Mack , leiwen@marvell.com, haojian.zhuang@marvell.com, David.Woodhouse@intel.com, eric.y.miao@gmail.com, Artem.Bityutskiy@nokia.com References: <1294227801.3996.62.camel@sven> <20110106124525.GA1717@bicker> <1294321502.2218.5.camel@sven> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <1294321502.2218.5.camel@sven> User-Agent: Mutt/1.5.20 (2009-06-14) X-CRM114-Version: 20090807-BlameThorstenAndJenny ( TRE 0.7.6 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20110106_090552_320619_F91DBEA7 X-CRM114-Status: GOOD ( 11.15 ) X-Spam-Score: 1.4 (+) X-Spam-Report: SpamAssassin version 3.3.1 on canuck.infradead.org summary: Content analysis details: (1.4 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [74.125.82.49 listed in list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is freemail (error27[at]gmail.com) 2.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (error27[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 RFC_ABUSE_POST Both abuse and postmaster missing on sender domain Cc: Artem.Bityutskiy@nokia.com, eric.y.miao@gmail.com, David.Woodhouse@intel.com, leiwen@marvell.com, linux-kernel@vger.kernel.org, haojian.zhuang@marvell.com, linux-mtd@lists.infradead.org, Daniel Mack , linux-arm-kernel@lists.infradead.org X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-mtd-bounces@lists.infradead.org Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org "info->cmdset" gets dereferenced in __readid() so it needs to be initialized earlier in the function. This bug was introduced in 18c81b1828f8 "mtd: pxa3xx_nand: remove the flash info in driver structure". Cc: stable@kernel.org [2.6.37+] Reported-and-tested-by: Sven Neumann Signed-off-by: Dan Carpenter --- v2: changed the commit text. added stable@kernel.org and a reported-by tag. diff --git a/drivers/mtd/nand/pxa3xx_nand.c b/drivers/mtd/nand/pxa3xx_nand.c index 17f8518..ea2c288 100644 --- a/drivers/mtd/nand/pxa3xx_nand.c +++ b/drivers/mtd/nand/pxa3xx_nand.c @@ -885,6 +885,7 @@ static int pxa3xx_nand_detect_config(struct pxa3xx_nand_info *info) /* set info fields needed to __readid */ info->read_id_bytes = (info->page_size == 2048) ? 4 : 2; info->reg_ndcr = ndcr; + info->cmdset = &default_cmdset; if (__readid(info, &id)) return -ENODEV; @@ -915,7 +916,6 @@ static int pxa3xx_nand_detect_config(struct pxa3xx_nand_info *info) info->ndtr0cs0 = nand_readl(info, NDTR0CS0); info->ndtr1cs0 = nand_readl(info, NDTR1CS0); - info->cmdset = &default_cmdset; return 0; }