netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] KS8851: NULL pointer dereference if list is empty
@ 2010-04-17  0:48 Abraham Arce
  2010-04-21 23:29 ` David Miller
  0 siblings, 1 reply; 2+ messages in thread
From: Abraham Arce @ 2010-04-17  0:48 UTC (permalink / raw)
  To: netdev

Fix NULL pointer dereference in ks8851_tx_work by checking if dequeued
list is already empty before writing the packet to TX FIFO

 Unable to handle kernel NULL pointer dereference at virtual address 00000050
 PC is at ks8851_tx_work+0xdc/0x1b0
 LR is at wait_for_common+0x148/0x164
 pc : [<c01c0df4>]    lr : [<c025a980>]    psr: 20000013
 Backtrace:
  ks8851_tx_work+0x0/0x1b0
  worker_thread+0x0/0x190
  kthread+0x0/0x90

Signed-off-by: Abraham Arce <x0066660@ti.com>
---
 drivers/net/ks8851.c |   12 +++++++-----
 1 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/drivers/net/ks8851.c b/drivers/net/ks8851.c
index 13cc1ca..9e9f9b3 100644
--- a/drivers/net/ks8851.c
+++ b/drivers/net/ks8851.c
@@ -722,12 +722,14 @@ static void ks8851_tx_work(struct work_struct *work)
 		txb = skb_dequeue(&ks->txq);
 		last = skb_queue_empty(&ks->txq);

-		ks8851_wrreg16(ks, KS_RXQCR, ks->rc_rxqcr | RXQCR_SDA);
-		ks8851_wrpkt(ks, txb, last);
-		ks8851_wrreg16(ks, KS_RXQCR, ks->rc_rxqcr);
-		ks8851_wrreg16(ks, KS_TXQCR, TXQCR_METFE);
+		if (txb != NULL) {
+			ks8851_wrreg16(ks, KS_RXQCR, ks->rc_rxqcr | RXQCR_SDA);
+			ks8851_wrpkt(ks, txb, last);
+			ks8851_wrreg16(ks, KS_RXQCR, ks->rc_rxqcr);
+			ks8851_wrreg16(ks, KS_TXQCR, TXQCR_METFE);

-		ks8851_done_tx(ks, txb);
+			ks8851_done_tx(ks, txb);
+		}
 	}

 	mutex_unlock(&ks->lock);
-- 
1.5.4.3

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] KS8851: NULL pointer dereference if list is empty
  2010-04-17  0:48 [PATCH] KS8851: NULL pointer dereference if list is empty Abraham Arce
@ 2010-04-21 23:29 ` David Miller
  0 siblings, 0 replies; 2+ messages in thread
From: David Miller @ 2010-04-21 23:29 UTC (permalink / raw)
  To: abraham.arce.moreno; +Cc: netdev

From: Abraham Arce <abraham.arce.moreno@gmail.com>
Date: Fri, 16 Apr 2010 19:48:43 -0500

> Fix NULL pointer dereference in ks8851_tx_work by checking if dequeued
> list is already empty before writing the packet to TX FIFO
> 
>  Unable to handle kernel NULL pointer dereference at virtual address 00000050
>  PC is at ks8851_tx_work+0xdc/0x1b0
>  LR is at wait_for_common+0x148/0x164
>  pc : [<c01c0df4>]    lr : [<c025a980>]    psr: 20000013
>  Backtrace:
>   ks8851_tx_work+0x0/0x1b0
>   worker_thread+0x0/0x190
>   kthread+0x0/0x90
> 
> Signed-off-by: Abraham Arce <x0066660@ti.com>

Applied to net-2.6, thanks.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-04-21 23:29 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-04-17  0:48 [PATCH] KS8851: NULL pointer dereference if list is empty Abraham Arce
2010-04-21 23:29 ` David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).