On Mon, Apr 13, 2015 at 09:59:48PM +0200, Rafael J. Wysocki wrote:
> On Monday, April 13, 2015 10:21:59 PM Dan Carpenter wrote:
> > Hello Rafael J. Wysocki,
> >
> > The patch e1acdeb0e770: "ACPI / scan: Simplify acpi_match_device()"
> > from Apr 10, 2015, leads to the following static checker warning:
> >
> > drivers/acpi/scan.c:269 acpi_companion_match()
> > error: potential NULL dereference 'adev'.
> >
> > drivers/acpi/scan.c
> > 247 static struct acpi_device *acpi_companion_match(const struct device *dev)
> > 248 {
> > 249 struct acpi_device *adev;
> > 250
> > 251 adev = ACPI_COMPANION(dev);
> > 252 if (!adev)
> > 253 return NULL;
> > 254
> > 255 if (list_empty(&adev->pnp.ids))
> > 256 return NULL;
> > 257
> > 258 mutex_lock(&adev->physical_node_lock);
> > 259 if (list_empty(&adev->physical_node_list)) {
> > 260 adev = NULL;
> > ^^^^^^^^^^^
> > 261 } else {
> > 262 const struct acpi_device_physical_node *node;
> > 263
> > 264 node = list_first_entry(&adev->physical_node_list,
> > 265 struct acpi_device_physical_node, node);
> > 266 if (node->dev != dev)
> > 267 adev = NULL;
> > ^^^^^^^^^^^^
> > 268 }
> > 269 mutex_unlock(&adev->physical_node_lock);
> > ^^^^^^
> > Dereference.
> >
> > 270
> > 271 return adev;
> > 272 }
>
> Right, thanks.
>
> The patch below should fix it.
>
> ---
> From: Rafael J. Wysocki <rafael.j.wysocki@xxxxxxxxx>
> Subject: ACPI / scan: Fix NULL pointer dereference in acpi_companion_match()
>
> Commit e1acdeb0e770 "ACPI / scan: Simplify acpi_match_device()"
> introduced code that may lead to a NULL pointer dereference when
> trying to unlock a mutex. Fix that.
>
> Fixes: e1acdeb0e770 "ACPI / scan: Simplify acpi_match_device()"
> Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@xxxxxxxxx>
Reviewed-by: Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-acpi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
