From: Sasha Levin <Alexander.Levin@microsoft.com>
To: "stable@vger.kernel.org" <stable@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Cc: Sylwester Nawrocki <s.nawrocki@samsung.com>,
Mauro Carvalho Chehab <mchehab+samsung@kernel.org>,
Sasha Levin <Alexander.Levin@microsoft.com>
Subject: [PATCH AUTOSEL 3.18 06/29] media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt()
Date: Mon, 17 Sep 2018 03:05:40 +0000 [thread overview]
Message-ID: <20180917030533.592-6-alexander.levin@microsoft.com> (raw)
In-Reply-To: <20180917030533.592-1-alexander.levin@microsoft.com>
From: Sylwester Nawrocki <s.nawrocki@samsung.com>
[ Upstream commit 7c1b9a5aeed91bef98988ac0fcf38c8c1f4f9a3a ]
This patch fixes potential NULL pointer dereference as indicated
by the following static checker warning:
drivers/media/platform/exynos4-is/fimc-isp-video.c:408 isp_video_try_fmt_mplane()
error: NULL dereference inside function '__isp_video_try_fmt(isp, &f->fmt.pix_mp, (0))()'.
Fixes: 34947b8aebe3: ("[media] exynos4-is: Add the FIMC-IS ISP capture DMA driver")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Sylwester Nawrocki <s.nawrocki@samsung.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
---
drivers/media/platform/exynos4-is/fimc-isp-video.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/drivers/media/platform/exynos4-is/fimc-isp-video.c b/drivers/media/platform/exynos4-is/fimc-isp-video.c
index 76b6b4d14616..322677f2cbb0 100644
--- a/drivers/media/platform/exynos4-is/fimc-isp-video.c
+++ b/drivers/media/platform/exynos4-is/fimc-isp-video.c
@@ -389,12 +389,17 @@ static void __isp_video_try_fmt(struct fimc_isp *isp,
struct v4l2_pix_format_mplane *pixm,
const struct fimc_fmt **fmt)
{
- *fmt = fimc_isp_find_format(&pixm->pixelformat, NULL, 2);
+ const struct fimc_fmt *__fmt;
+
+ __fmt = fimc_isp_find_format(&pixm->pixelformat, NULL, 2);
+
+ if (fmt)
+ *fmt = __fmt;
pixm->colorspace = V4L2_COLORSPACE_SRGB;
pixm->field = V4L2_FIELD_NONE;
- pixm->num_planes = (*fmt)->memplanes;
- pixm->pixelformat = (*fmt)->fourcc;
+ pixm->num_planes = __fmt->memplanes;
+ pixm->pixelformat = __fmt->fourcc;
/*
* TODO: double check with the docmentation these width/height
* constraints are correct.
--
2.17.1
next prev parent reply other threads:[~2018-09-17 3:09 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-17 3:05 [PATCH AUTOSEL 3.18 01/29] crypto: skcipher - Fix -Wstringop-truncation warnings Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 02/29] tsl2550: fix lux1_input error in low light Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 03/29] x86/numa_emulation: Fix emulated-to-physical node mapping Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 04/29] uwb: hwa-rc: fix memory leak at probe Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 05/29] USB: serial: kobil_sct: fix modem-status error handling Sasha Levin
2018-09-17 3:05 ` Sasha Levin [this message]
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 07/29] powerpc/kdump: Handle crashkernel memory reservation failure Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 08/29] x86/tsc: Add missing header to tsc_msr.c Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 09/29] scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 10/29] scsi: ibmvscsi: Improve strings handling Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 11/29] usb: wusbcore: security: cast sizeof to int for comparison Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 12/29] alarmtimer: Prevent overflow for relative nanosleep Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 13/29] s390/extmem: fix gcc 8 stringop-overflow warning Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 14/29] ALSA: snd-aoa: add of_node_put() in error path Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 15/29] media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 16/29] media: soc_camera: ov772x: correct setting of banding filter Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 17/29] staging: android: ashmem: Fix mmap size validation Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 18/29] drivers/tty: add error handling for pcmcia_loop_config Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 19/29] media: tm6000: add error handling for dvb_register_adapter Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 20/29] ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 21/29] rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 23/29] ARM: mvebu: declare asm symbols as character arrays in pmsu.c Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 22/29] wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 24/29] HID: hid-ntrig: add error handling for sysfs_create_group Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 25/29] scsi: bnx2i: add error handling for ioremap_nocache Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 27/29] ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 26/29] audit: Fix extended comparison of GID/EGID Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 28/29] module: exclude SHN_UNDEF symbols from kallsyms api Sasha Levin
2018-09-17 3:05 ` [PATCH AUTOSEL 3.18 29/29] nfsd: fix corrupted reply to badly ordered compound Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180917030533.592-6-alexander.levin@microsoft.com \
--to=alexander.levin@microsoft.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mchehab+samsung@kernel.org \
--cc=s.nawrocki@samsung.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox