Dereference of null pointer in the __gb_lights_flash_brightness_set function.
Assigning the channel the result of executing the get_channel_from_mode function
without checking for NULL may result in an error.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 2870b52bae4c ("greybus: lights: add lights implementation")
Signed-off-by: Mikhail Lobanov <m.lobanov@xxxxxxxxxxxx>
---
drivers/staging/greybus/light.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/drivers/staging/greybus/light.c b/drivers/staging/greybus/light.c
index 87d36948c610..929514350947 100644
--- a/drivers/staging/greybus/light.c
+++ b/drivers/staging/greybus/light.c
@@ -148,10 +148,15 @@ static int __gb_lights_flash_brightness_set(struct gb_channel *channel)
GB_CHANNEL_MODE_TORCH);
/* For not flash we need to convert brightness to intensity */
- intensity = channel->intensity_uA.min +
+
+ if (channel) {
+ intensity = channel->intensity_uA.min +
(channel->intensity_uA.step * channel->led->brightness);
- return __gb_lights_flash_intensity_set(channel, intensity);
+ return __gb_lights_flash_intensity_set(channel, intensity);
+ }
+
+ return 0;
}
#else
static struct gb_channel *get_channel_from_cdev(struct led_classdev *cdev)
--
2.43.0
