Hello Xiaoke,
Thank you for the patch.
On Fri, Mar 04, 2022 at 07:48:18PM +0800, xkernel.wang@xxxxxxxxxxx wrote:
> From: Xiaoke Wang <xkernel.wang@xxxxxxxxxxx>
>
> __ccp2_get_format() returns format structure or NULL on error.
> So it is better to check the return value of it to prevent potential
> wrong memory access.
The function can actually never return NULL if it's called with a valid
pad number, which should always be the case as far as I can tell (since
commit a8fa55078a778). This patch is thus not needed.
> Signed-off-by: Xiaoke Wang <xkernel.wang@xxxxxxxxxxx>
> ---
> drivers/media/platform/omap3isp/ispccp2.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/media/platform/omap3isp/ispccp2.c b/drivers/media/platform/omap3isp/ispccp2.c
> index acb58b6..81881b1 100644
> --- a/drivers/media/platform/omap3isp/ispccp2.c
> +++ b/drivers/media/platform/omap3isp/ispccp2.c
> @@ -675,8 +675,10 @@ static void ccp2_try_format(struct isp_ccp2_device *ccp2,
> */
> format = __ccp2_get_format(ccp2, sd_state, CCP2_PAD_SINK,
> which);
> - memcpy(fmt, format, sizeof(*fmt));
> - fmt->code = MEDIA_BUS_FMT_SGRBG10_1X10;
> + if (format != NULL) {
> + memcpy(fmt, format, sizeof(*fmt));
> + fmt->code = MEDIA_BUS_FMT_SGRBG10_1X10;
> + }
> break;
> }
>
> @@ -709,6 +711,9 @@ static int ccp2_enum_mbus_code(struct v4l2_subdev *sd,
>
> format = __ccp2_get_format(ccp2, sd_state, CCP2_PAD_SINK,
> code->which);
> + if (format == NULL)
> + return -EINVAL;
> +
> code->code = format->code;
> }
>
> @@ -792,6 +797,9 @@ static int ccp2_set_format(struct v4l2_subdev *sd,
> if (fmt->pad == CCP2_PAD_SINK) {
> format = __ccp2_get_format(ccp2, sd_state, CCP2_PAD_SOURCE,
> fmt->which);
> + if (format == NULL)
> + return -EINVAL;
> +
> *format = fmt->format;
> ccp2_try_format(ccp2, sd_state, CCP2_PAD_SOURCE, format,
> fmt->which);
--
Regards,
Laurent Pinchart
