[PATCH] [RFC PATCH] ALSA: usb-audio: endpoint: Prevent NULL pointer deference in snd_usb_endpoint_close

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



When multiple plug-in and plug-out events occur,
there is a risk of encountering a NULL pointer dereference
leading to a kernel panic during a headset use-case.
this issue arises in the snd_usb_endpoint_close function

To avoid check if ep->iface_ref is not null before decrementing
its opened count. If ep->iface_ref is null, we skip the decrement
and the subsequent logic.

Signed-off-by: Rajashekar kuruva <quic_kuruva@xxxxxxxxxxx>
---
 sound/usb/endpoint.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sound/usb/endpoint.c b/sound/usb/endpoint.c
index 8f65349a06d3..0e3101b7e392 100644
--- a/sound/usb/endpoint.c
+++ b/sound/usb/endpoint.c
@@ -950,7 +950,7 @@ void snd_usb_endpoint_close(struct snd_usb_audio *chip,
 	usb_audio_dbg(chip, "Closing EP 0x%x (count %d)\n",
 		      ep->ep_num, ep->opened);
 
-	if (!--ep->iface_ref->opened &&
+	if (ep->iface_ref && !--ep->iface_ref->opened &&
 		!(chip->quirk_flags & QUIRK_FLAG_IFACE_SKIP_CLOSE))
 		endpoint_set_interface(chip, ep, false);
 
-- 
2.25.1





[Index of Archives]     [Linux Media]     [Linux Input]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [Old Linux USB Devel Archive]

  Powered by Linux