* [PATCH 4.4 0/1] Fix null pointer deref
@ 2025-03-23 8:21 Alexander Grund
2025-03-23 8:21 ` [PATCH 4.4 1/1] can: dev: make can_change_state() robust to be called with cf == NULL Alexander Grund
2025-03-27 12:57 ` [PATCH 4.4 0/1] Fix null pointer deref Ulrich Hecht
0 siblings, 2 replies; 3+ messages in thread
From: Alexander Grund @ 2025-03-23 8:21 UTC (permalink / raw)
To: cip-dev; +Cc: uli+cip
From: Alexander Grund <flamefire89@gmail.com>
The patch
"can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL"
assumes the following patch which isn't applied yet to cip-4.4
Marc Kleine-Budde (1):
can: dev: make can_change_state() robust to be called with cf == NULL
drivers/net/can/dev.c | 3 +++
1 file changed, 3 insertions(+)
--
2.40.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH 4.4 1/1] can: dev: make can_change_state() robust to be called with cf == NULL
2025-03-23 8:21 [PATCH 4.4 0/1] Fix null pointer deref Alexander Grund
@ 2025-03-23 8:21 ` Alexander Grund
2025-03-27 12:57 ` [PATCH 4.4 0/1] Fix null pointer deref Ulrich Hecht
1 sibling, 0 replies; 3+ messages in thread
From: Alexander Grund @ 2025-03-23 8:21 UTC (permalink / raw)
To: cip-dev; +Cc: uli+cip
From: Marc Kleine-Budde <mkl@pengutronix.de>
In OOM situations where no skb can be allocated, can_change_state() may
be called with cf == NULL. As this function updates the state and error
statistics it's not an option to skip the call to can_change_state() in
OOM situations.
This patch makes can_change_state() robust, so that it can be called
with cf == NULL.
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
---
drivers/net/can/dev.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/net/can/dev.c b/drivers/net/can/dev.c
index 2835aeb11c9f..eeeba3f5c8b4 100644
--- a/drivers/net/can/dev.c
+++ b/drivers/net/can/dev.c
@@ -341,6 +341,9 @@ void can_change_state(struct net_device *dev, struct can_frame *cf,
can_update_state_error_stats(dev, new_state);
priv->state = new_state;
+ if (!cf)
+ return;
+
if (unlikely(new_state == CAN_STATE_BUS_OFF)) {
cf->can_id |= CAN_ERR_BUSOFF;
return;
--
2.40.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH 4.4 0/1] Fix null pointer deref
2025-03-23 8:21 [PATCH 4.4 0/1] Fix null pointer deref Alexander Grund
2025-03-23 8:21 ` [PATCH 4.4 1/1] can: dev: make can_change_state() robust to be called with cf == NULL Alexander Grund
@ 2025-03-27 12:57 ` Ulrich Hecht
1 sibling, 0 replies; 3+ messages in thread
From: Ulrich Hecht @ 2025-03-27 12:57 UTC (permalink / raw)
To: Alexander Grund, cip-dev
> On 03/23/2025 9:21 AM CET Alexander Grund <theflamefire89@gmail.com> wrote:
> The patch
> "can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL"
> assumes the following patch which isn't applied yet to cip-4.4
>
> Marc Kleine-Budde (1):
> can: dev: make can_change_state() robust to be called with cf == NULL
Picked it, thanks!
CU
Uli
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-03-27 12:57 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-03-23 8:21 [PATCH 4.4 0/1] Fix null pointer deref Alexander Grund
2025-03-23 8:21 ` [PATCH 4.4 1/1] can: dev: make can_change_state() robust to be called with cf == NULL Alexander Grund
2025-03-27 12:57 ` [PATCH 4.4 0/1] Fix null pointer deref Ulrich Hecht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox