Hi Shaobo, On Thu, Feb 16, 2017 at 04:27:00PM -0700, Shaobo wrote: > Hi there, > > My name is Shaobo He and I am a graduate student at University of > Utah. I am applying a static analysis tool to the Linux device > drivers and got an error trace of null pointer dereference in > drivers/input/touchscreen/ad7879-spi.c staring from > `ad7879_spi_multi_read`: it calls `ad7879_spi_xfer` with the > argument `tx_buf` being NULL, which gets dereferenced at line 52 > given the argument `count` being 1. As you can see, the error trace > is only plausible since it depends on certain conditions. To be more > specific, is it possible for the count argument to be 1. Therefore, > I was wondering if you could help me confirm it since you are one of > the authors of this driver. > > Thanks for your time. I am looking forward to your reply. We never call ad7879_spi_multi_read() with count == 1, so this scenario is not going to happen. Given that this is driiver-private code and not a public API I think it is OK-ish. Thanks. -- Dmitry -- To unsubscribe from this list: send the line "unsubscribe linux-input" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
