On 07.01.2011 2:49, Greg Kroah-Hartman wrote:
From: Felipe Balbi <balbi@xxxxxx>
Case we can't allocate struct musb_request,
prevent a NULL pointer dereference by returning
early.
It's the first time I see this patch, so have no choice but comment here.
Signed-off-by: Felipe Balbi<balbi@xxxxxx>
[...]
diff --git a/drivers/usb/musb/musb_gadget.c b/drivers/usb/musb/musb_gadget.c
index 5d81504..edff014 100644
--- a/drivers/usb/musb/musb_gadget.c
+++ b/drivers/usb/musb/musb_gadget.c
@@ -1072,13 +1072,16 @@ struct usb_request *musb_alloc_request(struct usb_ep *ep, gfp_t gfp_flags)
struct musb_request *request = NULL;
request = kzalloc(sizeof *request, gfp_flags);
- if (request) {
- INIT_LIST_HEAD(&request->request.list);
- request->request.dma = DMA_ADDR_INVALID;
- request->epnum = musb_ep->current_epnum;
- request->ep = musb_ep;
+ if (!request) {
+ DBG(4, "not enough memory\n");
+ return NULL;
}
+ INIT_LIST_HEAD(&request->request.list);
+ request->request.dma = DMA_ADDR_INVALID;
+ request->epnum = musb_ep->current_epnum;
+ request->ep = musb_ep;
+
return &request->request;
I see no dereference here... Felipe, could you elaborate?
WBR, Sergei
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
