Hi Laurent, On Fri, Aug 02, 2024 at 09:18:41PM +0300, Laurent Pinchart wrote: >Hi Abhishek, > >(CC'ing Michael Grzeschik) > >Thank you for the patch. > >On Fri, Aug 02, 2024 at 11:32:47PM +0530, Abhishek Tamboli wrote: >> Fix potential dereferencing of ERR_PTR() in find_format_by_pix() >> and uvc_v4l2_enum_format(). >> >> Fix the following smatch errors: >> >> drivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix() >> error: 'fmtdesc' dereferencing possible ERR_PTR() >> drivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format() >> error: 'fmtdesc' dereferencing possible ERR_PTR() >> >> Signed-off-by: Abhishek Tamboli >> --- >> drivers/usb/gadget/function/uvc_v4l2.c | 6 ++++++ >> 1 file changed, 6 insertions(+) >> >> diff --git a/drivers/usb/gadget/function/uvc_v4l2.c b/drivers/usb/gadget/function/uvc_v4l2.c >> index a024aecb76dc..9dd602a742c4 100644 >> --- a/drivers/usb/gadget/function/uvc_v4l2.c >> +++ b/drivers/usb/gadget/function/uvc_v4l2.c >> @@ -121,6 +121,9 @@ static struct uvcg_format *find_format_by_pix(struct uvc_device *uvc, >> list_for_each_entry(format, &uvc->header->formats, entry) { >> const struct uvc_format_desc *fmtdesc = to_uvc_format(format->fmt); >> >> + if (IS_ERR(fmtdesc)) >> + continue; >> + >> if (fmtdesc->fcc == pixelformat) { >> uformat = format->fmt; >> break; >> @@ -389,6 +392,9 @@ uvc_v4l2_enum_format(struct file *file, void *fh, struct v4l2_fmtdesc *f) >> return -EINVAL; >> >> fmtdesc = to_uvc_format(uformat); >> + if (IS_ERR(fmtdesc)) >> + return -EINVAL; >> + >> f->pixelformat = fmtdesc->fcc; >> >> return 0; > >Michael, you authored this, I'll let you review the patch and decide if >this is a false positive. Since the following patch was applied, https://lore.kernel.org/all/20240221-uvc-gadget-configfs-guid-v1-1-f0678ca62ebb@pengutronix.de/ the issue is technically impossible to happen. However the patch I mentioned was only applied recently and in all older kernels someone could add a format into configfs that is not part of uvc_format_desc from drivers/media/common/uvc.c and therefor can run into the issue. As this will also not hurt the current kernel I would like the patch to be applied with the Tag: Fixes: 588b9e8560 (usb: gadget: uvc: add v4l2 enumeration api calls) Thanks, Michael -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |