| Message ID | 20190730080813.15363-1-baijiaju1990@gmail.com |
|---|---|
| State | Accepted |
| Delegated to: | David Miller |
| Headers | show |
| Series | [v2] net: phy: phy_led_triggers: Fix a possible null-pointer dereference in phy_led_trigger_change_speed() | expand |
From: Jia-Ju Bai <baijiaju1990@gmail.com> Date: Tue, 30 Jul 2019 16:08:13 +0800 > In phy_led_trigger_change_speed(), there is an if statement on line 48 > to check whether phy->last_triggered is NULL: > if (!phy->last_triggered) > > When phy->last_triggered is NULL, it is used on line 52: > led_trigger_event(&phy->last_triggered->trigger, LED_OFF); > > Thus, a possible null-pointer dereference may occur. > > To fix this bug, led_trigger_event(&phy->last_triggered->trigger, > LED_OFF) is called when phy->last_triggered is not NULL. > > This bug is found by a static analysis tool STCheck written by > the OSLAB group in Tsinghua University. > > Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com> Applied, thanks.
diff --git a/drivers/net/phy/phy_led_triggers.c b/drivers/net/phy/phy_led_triggers.c index b86a4b2116f8..59a94e07e7c5 100644 --- a/drivers/net/phy/phy_led_triggers.c +++ b/drivers/net/phy/phy_led_triggers.c @@ -48,8 +48,9 @@ void phy_led_trigger_change_speed(struct phy_device *phy) if (!phy->last_triggered) led_trigger_event(&phy->led_link_trigger->trigger, LED_FULL); + else + led_trigger_event(&phy->last_triggered->trigger, LED_OFF); - led_trigger_event(&phy->last_triggered->trigger, LED_OFF); led_trigger_event(&plt->trigger, LED_FULL); phy->last_triggered = plt; }
In phy_led_trigger_change_speed(), there is an if statement on line 48 to check whether phy->last_triggered is NULL: if (!phy->last_triggered) When phy->last_triggered is NULL, it is used on line 52: led_trigger_event(&phy->last_triggered->trigger, LED_OFF); Thus, a possible null-pointer dereference may occur. To fix this bug, led_trigger_event(&phy->last_triggered->trigger, LED_OFF) is called when phy->last_triggered is not NULL. This bug is found by a static analysis tool STCheck written by the OSLAB group in Tsinghua University. Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com> --- v2: * Add the organization of the tool's authors. Thank David and Andrew for helpful advice. --- drivers/net/phy/phy_led_triggers.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)