Hi Dan/Philipp,
On Fri, Apr 11, 2014 at 8:08 AM, Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> What ever happened with this?
>
> regards,
> dan carpenter
>
> On Wed, Nov 06, 2013 at 07:13:43PM +0300, Dan Carpenter wrote:
>> Hello Philipp Zabel,
>>
>> This is a semi-automatic email about new static checker warnings.
>>
>> The patch 5677e3b04d3b: "[media] coda: update CODA7541 to firmware
>> 1.4.50" from Jun 21, 2013, leads to the following Smatch complaint:
>>
>> drivers/media/platform/coda.c:1530 coda_alloc_framebuffers()
>> error: we previously assumed 'ctx->codec' could be null (see line 1521)
>>
>> drivers/media/platform/coda.c
>> 1520
>> 1521 if (ctx->codec && ctx->codec->src_fourcc == V4L2_PIX_FMT_H264)
>> ^^^^^^^^^^
>> Patch introduces a new NULL check.
>>
>> 1522 height = round_up(height, 16);
>> 1523 ysize = round_up(q_data->width, 8) * height;
>> 1524
>> 1525 /* Allocate frame buffers */
>> 1526 for (i = 0; i < ctx->num_internal_frames; i++) {
>> 1527 size_t size;
>> 1528
>> 1529 size = q_data->sizeimage;
>> 1530 if (ctx->codec->src_fourcc == V4L2_PIX_FMT_H264 &&
>> ^^^^^^^^^^^^^^^^^^^^^^
>> Patch introduces a new unchecked dereference.
>>
>> 1531 dev->devtype->product != CODA_DX6)
>> 1532 ctx->internal_frames[i].size += ysize/4;
Would the fix below address this issue?
--- a/drivers/media/platform/coda.c
+++ b/drivers/media/platform/coda.c
@@ -1518,7 +1518,10 @@ static int coda_alloc_framebuffers(struct coda_ctx *ctx,
int ret;
int i;
- if (ctx->codec && ctx->codec->src_fourcc == V4L2_PIX_FMT_H264)
+ if (!ctx->codec)
+ return -EINVAL;
+
+ if (ctx->codec->src_fourcc == V4L2_PIX_FMT_H264)
height = round_up(height, 16);
ysize = round_up(q_data->width, 8) * height;
--
To unsubscribe from this list: send the line "unsubscribe linux-media" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
