On Fri, Sep 07 2007, Simon Holm Thøgersen wrote:
> tir, 04 09 2007 kl. 23:06 +0200, skrev Jens Axboe:
> > On Tue, Sep 04 2007, Simon Holm Thøgersen wrote:
> > > tir, 04 09 2007 kl. 13:06 +0200, skrev Jens Axboe:
> > > > On Tue, Sep 04 2007, Micah Gruber wrote:
> > > > > This patch fixes a potential null dereference bug where we dereference us before a null check. This patch simply moves the dereferencing after the null check.
> > > > >
> > > > > Signed-off-by: Micah Gruber <[email protected]>
> > > >
> > > > Be careful with stuff like that, if you actually look at the code, a us
> > > > == NULL doesn't seem to be possible (or usbat_flash_transport() would
> > > > have oopsed before).
> > > >
> > > If that is true, then
> > > if (!us)
> > > return USB_STOR_TRANSPORT_ERROR;
> > > is utterly pointless.
> >
> > Well that was the point I was trying to make, that test and return
> > should be deleted instead.
> >
> I guess we agree that we want the following then.
>
>
> If us would ever be NULL, the function would have oopsed already before
> the check.
Yep, looks much better.
Acked-by: Jens Axboe <[email protected]>
>
> Signed-off-by: Simon Holm Thøgersen <[email protected]>
> ---
>
> --- a/drivers/usb/storage/shuttle_usbat.c
> +++ b/drivers/usb/storage/shuttle_usbat.c
> @@ -190,9 +190,6 @@ static int usbat_check_status(struct us_data *us)
> unsigned char *reply = us->iobuf;
> int rc;
>
> - if (!us)
> - return USB_STOR_TRANSPORT_ERROR;
> -
> rc = usbat_get_status(us, reply);
> if (rc != USB_STOR_XFER_GOOD)
> return USB_STOR_TRANSPORT_FAILED;
>
>
--
Jens Axboe
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]