dereferencing uninitialized variable in anysee_probe()

dereferencing uninitialized variable in anysee_probe()

[Dan Carpenter]

Hi I'm going through some smatch stuff and I had a question.

drivers/media/dvb/dvb-usb/anysee.c +482 anysee_probe(30)
	warn: variable dereferenced before check 'd'

   466          ret = dvb_usb_device_init(intf, &anysee_properties, THIS_MODULE, &d,
   467                  adapter_nr);

	If we're in a cold state then dvb_usb_device_init() can return
	zero but d is uninitialized here.

   468          if (ret)
   469                  return ret;
   470
   471          alt = usb_altnum_to_altsetting(intf, 0);
   472          if (alt == NULL) {
   473                  deb_info("%s: no alt found!\n", __func__);
   474                  return -ENODEV;
   475          }
   476
   477          ret = usb_set_interface(d->udev, alt->desc.bInterfaceNumber,
                                        ^^^^^^^
	That would lead to an oops here.

   478                  alt->desc.bAlternateSetting);

I'm not sure how to fix this.

regards,
dan carpenter

Re: dereferencing uninitialized variable in anysee_probe()

[Antti Palosaari]

Terve Dan,

On 05/31/2010 06:09 PM, Dan Carpenter wrote:
> Hi I'm going through some smatch stuff and I had a question.
>
> drivers/media/dvb/dvb-usb/anysee.c +482 anysee_probe(30)
> 	warn: variable dereferenced before check 'd'
>
>     466          ret = dvb_usb_device_init(intf,&anysee_properties, THIS_MODULE,&d,
>     467                  adapter_nr);
>
> 	If we're in a cold state then dvb_usb_device_init() can return
> 	zero but d is uninitialized here.

Anysee is always warm. Its USB-bridge, Cypress FX2, uploads firmware 
from eeprom and due to that it is never cold from the drivers point of view.

*cold means device needs firmware upload from driver
*warm means device is ready. Firmware is already uploaded or it is not 
needed at all.

>     468          if (ret)
>     469                  return ret;
>     470
>     471          alt = usb_altnum_to_altsetting(intf, 0);
>     472          if (alt == NULL) {
>     473                  deb_info("%s: no alt found!\n", __func__);
>     474                  return -ENODEV;
>     475          }
>     476
>     477          ret = usb_set_interface(d->udev, alt->desc.bInterfaceNumber,
>                                          ^^^^^^^
> 	That would lead to an oops here.
>
>     478                  alt->desc.bAlternateSetting);
>
> I'm not sure how to fix this.

After that answer, do you still see problem?

best regards
Antti
-- 
http://palosaari.fi/

Re: dereferencing uninitialized variable in anysee_probe()

[Dan Carpenter]

On Mon, May 31, 2010 at 06:22:49PM +0300, Antti Palosaari wrote:
> Terve Dan,
>
> On 05/31/2010 06:09 PM, Dan Carpenter wrote:
>> Hi I'm going through some smatch stuff and I had a question.
>>
>> drivers/media/dvb/dvb-usb/anysee.c +482 anysee_probe(30)
>> 	warn: variable dereferenced before check 'd'
>>
>>     466          ret = dvb_usb_device_init(intf,&anysee_properties, THIS_MODULE,&d,
>>     467                  adapter_nr);
>>
>> 	If we're in a cold state then dvb_usb_device_init() can return
>> 	zero but d is uninitialized here.
>
> Anysee is always warm. Its USB-bridge, Cypress FX2, uploads firmware  
> from eeprom and due to that it is never cold from the drivers point of 
> view.
>
> *cold means device needs firmware upload from driver
> *warm means device is ready. Firmware is already uploaded or it is not  
> needed at all.
>

Wow.  Thanks for the quick response.  I was just auditing the code and
noticed some extra null checking which made me confused.  I'll send a
patch for that.

regards,
dan carpenter