Re: [PATCH] spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

[+cc Jens, Florian, Stefan, Mark]

On Tue, Jul 19, 2022 at 09:22:35AM +0200, Marc Kleine-Budde wrote:
> In case a IRQ based transfer times out the bcm2835_spi_handle_err()
> function is called. Since commit 1513ceee70f2 ("spi: bcm2835: Drop
> dma_pending flag") the TX and RX DMA transfers are unconditionally
> canceled, leading to NULL pointer derefs if ctlr->dma_tx or
> ctlr->dma_rx are not set.
> 
> Fix the NULL pointer deref by checking that ctlr->dma_tx and
> ctlr->dma_rx are valid pointers before accessing them.
> 
> Fixes: 1513ceee70f2 ("spi: bcm2835: Drop dma_pending flag")
> Cc: Lukas Wunner <lukas@xxxxxxxxx>
> Signed-off-by: Marc Kleine-Budde <mkl@xxxxxxxxxxxxxx>

Link: https://lore.kernel.org/linux-spi/20220603142340.42271-1-jensctl@xxxxxxxxx/
[Index of Archives]     [Linux Kernel]     [Linux ARM (vger)]     [Linux ARM MSM]     [Linux Omap]     [Linux Arm]     [Linux Tegra]     [Fedora ARM]     [Linux for Samsung SOC]     [eCos]     [Linux Fastboot]     [Gcc Help]     [Git]     [DCCP]     [IETF Announce]     [Security]     [Linux MIPS]     [Yosemite Campsites]

  Powered by Linux