From: Tushar Behera <tushar.behera@linaro.org>
To: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>,
Ben Dooks <ben-linux@fluff.org>,
Kukjin Kim <kgene.kim@samsung.com>
Cc: alsa-devel@alsa-project.org, linux-samsung-soc@vger.kernel.org,
Sangbeom Kim <sbkim73@samsung.com>,
linux-kernel@vger.kernel.org, Liam Girdwood <lgirdwood@gmail.com>,
Jaroslav Kysela <perex@perex.cz>, Takashi Iwai <tiwai@suse.de>,
Mark Brown <broonie@kernel.org>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH] sound: soc: samsung: dma.c: Fix for possible null pointer dereference
Date: Tue, 20 May 2014 11:10:59 +0530 [thread overview]
Message-ID: <537AEAEB.8040803@linaro.org> (raw)
In-Reply-To: <1400535443-5886-1-git-send-email-rickard_strandqvist@spectrumdigital.se>
On 05/20/2014 03:07 AM, Rickard Strandqvist wrote:
> There is otherwise a risk of a possible null pointer dereference.
>
> Was largely found by using a static code analysis program called cppcheck.
>
> Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
> ---
> sound/soc/samsung/dma.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/sound/soc/samsung/dma.c b/sound/soc/samsung/dma.c
> index dc09b71..1d9bcaa 100644
> --- a/sound/soc/samsung/dma.c
> +++ b/sound/soc/samsung/dma.c
> @@ -115,17 +115,19 @@ static void dma_enqueue(struct snd_pcm_substream *substream)
> static void audio_buffdone(void *data)
> {
> struct snd_pcm_substream *substream = data;
> - struct runtime_data *prtd = substream->runtime->private_data;
> + struct runtime_data *prtd = NULL;
I am not sure if this check is required as audio_buffdone() is set as a
callback function with known valid parameter during dma_enqueue().
>
> pr_debug("Entered %s\n", __func__);
>
> - if (prtd->state & ST_RUNNING) {
> + if (substream)
> + prtd = substream->runtime->private_data;
> +
> + if (prtd && prtd->state & ST_RUNNING) {
ditto as above
> prtd->dma_pos += prtd->dma_period;
> if (prtd->dma_pos >= prtd->dma_end)
> prtd->dma_pos = prtd->dma_start;
>
> - if (substream)
> - snd_pcm_period_elapsed(substream);
> + snd_pcm_period_elapsed(substream);
This check certainly can be removed as snd_pcm_period_elapsed() also
checks the validity of the argument.
--
Tushar Behera
WARNING: multiple messages have this Message-ID (diff)
From: tushar.behera@linaro.org (Tushar Behera)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH] sound: soc: samsung: dma.c: Fix for possible null pointer dereference
Date: Tue, 20 May 2014 11:10:59 +0530 [thread overview]
Message-ID: <537AEAEB.8040803@linaro.org> (raw)
In-Reply-To: <1400535443-5886-1-git-send-email-rickard_strandqvist@spectrumdigital.se>
On 05/20/2014 03:07 AM, Rickard Strandqvist wrote:
> There is otherwise a risk of a possible null pointer dereference.
>
> Was largely found by using a static code analysis program called cppcheck.
>
> Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
> ---
> sound/soc/samsung/dma.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/sound/soc/samsung/dma.c b/sound/soc/samsung/dma.c
> index dc09b71..1d9bcaa 100644
> --- a/sound/soc/samsung/dma.c
> +++ b/sound/soc/samsung/dma.c
> @@ -115,17 +115,19 @@ static void dma_enqueue(struct snd_pcm_substream *substream)
> static void audio_buffdone(void *data)
> {
> struct snd_pcm_substream *substream = data;
> - struct runtime_data *prtd = substream->runtime->private_data;
> + struct runtime_data *prtd = NULL;
I am not sure if this check is required as audio_buffdone() is set as a
callback function with known valid parameter during dma_enqueue().
>
> pr_debug("Entered %s\n", __func__);
>
> - if (prtd->state & ST_RUNNING) {
> + if (substream)
> + prtd = substream->runtime->private_data;
> +
> + if (prtd && prtd->state & ST_RUNNING) {
ditto as above
> prtd->dma_pos += prtd->dma_period;
> if (prtd->dma_pos >= prtd->dma_end)
> prtd->dma_pos = prtd->dma_start;
>
> - if (substream)
> - snd_pcm_period_elapsed(substream);
> + snd_pcm_period_elapsed(substream);
This check certainly can be removed as snd_pcm_period_elapsed() also
checks the validity of the argument.
--
Tushar Behera
WARNING: multiple messages have this Message-ID (diff)
From: Tushar Behera <tushar.behera@linaro.org>
To: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>,
Ben Dooks <ben-linux@fluff.org>,
Kukjin Kim <kgene.kim@samsung.com>
Cc: Sangbeom Kim <sbkim73@samsung.com>,
Liam Girdwood <lgirdwood@gmail.com>,
Mark Brown <broonie@kernel.org>, Jaroslav Kysela <perex@perex.cz>,
Takashi Iwai <tiwai@suse.de>,
linux-arm-kernel@lists.infradead.org,
linux-samsung-soc@vger.kernel.org, alsa-devel@alsa-project.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] sound: soc: samsung: dma.c: Fix for possible null pointer dereference
Date: Tue, 20 May 2014 11:10:59 +0530 [thread overview]
Message-ID: <537AEAEB.8040803@linaro.org> (raw)
In-Reply-To: <1400535443-5886-1-git-send-email-rickard_strandqvist@spectrumdigital.se>
On 05/20/2014 03:07 AM, Rickard Strandqvist wrote:
> There is otherwise a risk of a possible null pointer dereference.
>
> Was largely found by using a static code analysis program called cppcheck.
>
> Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
> ---
> sound/soc/samsung/dma.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/sound/soc/samsung/dma.c b/sound/soc/samsung/dma.c
> index dc09b71..1d9bcaa 100644
> --- a/sound/soc/samsung/dma.c
> +++ b/sound/soc/samsung/dma.c
> @@ -115,17 +115,19 @@ static void dma_enqueue(struct snd_pcm_substream *substream)
> static void audio_buffdone(void *data)
> {
> struct snd_pcm_substream *substream = data;
> - struct runtime_data *prtd = substream->runtime->private_data;
> + struct runtime_data *prtd = NULL;
I am not sure if this check is required as audio_buffdone() is set as a
callback function with known valid parameter during dma_enqueue().
>
> pr_debug("Entered %s\n", __func__);
>
> - if (prtd->state & ST_RUNNING) {
> + if (substream)
> + prtd = substream->runtime->private_data;
> +
> + if (prtd && prtd->state & ST_RUNNING) {
ditto as above
> prtd->dma_pos += prtd->dma_period;
> if (prtd->dma_pos >= prtd->dma_end)
> prtd->dma_pos = prtd->dma_start;
>
> - if (substream)
> - snd_pcm_period_elapsed(substream);
> + snd_pcm_period_elapsed(substream);
This check certainly can be removed as snd_pcm_period_elapsed() also
checks the validity of the argument.
--
Tushar Behera
next prev parent reply other threads:[~2014-05-20 5:40 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-19 21:37 [PATCH] sound: soc: samsung: dma.c: Fix for possible null pointer dereference Rickard Strandqvist
2014-05-19 21:37 ` Rickard Strandqvist
2014-05-20 5:40 ` Tushar Behera [this message]
2014-05-20 5:40 ` Tushar Behera
2014-05-20 5:40 ` Tushar Behera
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=537AEAEB.8040803@linaro.org \
--to=tushar.behera@linaro.org \
--cc=alsa-devel@alsa-project.org \
--cc=ben-linux@fluff.org \
--cc=broonie@kernel.org \
--cc=kgene.kim@samsung.com \
--cc=lgirdwood@gmail.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-samsung-soc@vger.kernel.org \
--cc=perex@perex.cz \
--cc=rickard_strandqvist@spectrumdigital.se \
--cc=sbkim73@samsung.com \
--cc=tiwai@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.