On Thu, 27 Feb 2020 at 23:06, Bao D. Nguyen <nguyenb@xxxxxxxxxxxxxx> wrote:
>
> If the SD card is removed, the mmc_card pointer can be set to NULL
> by the mmc_sd_remove() function. Check mmc_card pointer to avoid NULL
> pointer access.
>
> Signed-off-by: Bao D. Nguyen <nguyenb@xxxxxxxxxxxxxx>
> Signed-off-by: Asutosh Das <asutoshd@xxxxxxxxxxxxxx>
> ---
> drivers/mmc/core/bus.c | 5 +++++
> drivers/mmc/core/core.c | 3 +++
> 2 files changed, 8 insertions(+)
>
> diff --git a/drivers/mmc/core/bus.c b/drivers/mmc/core/bus.c
> index 74de3f2..4558f51 100644
> --- a/drivers/mmc/core/bus.c
> +++ b/drivers/mmc/core/bus.c
> @@ -131,6 +131,11 @@ static void mmc_bus_shutdown(struct device *dev)
> struct mmc_host *host = card->host;
> int ret;
This obviously doesn't solve anything as we have already dereferenced
the card->host above. In other words we should hit a NULL pointer
dereference bug then.
More exactly, how do you trigger this problem?
>
> + if (!card) {
> + dev_dbg(dev, "%s: %s: card is NULL\n", dev_name(dev), __func__);
> + return;
> + }
> +
> if (dev->driver && drv->shutdown)
> drv->shutdown(card);
>
[...]
Kind regards
Uffe
