From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Andy Shevchenko , "Rafael J. Wysocki" Subject: [PATCH 4.1 144/202] device property: fix potential NULL pointer dereference Date: Sat, 17 Oct 2015 18:58:47 -0700 Message-Id: <20151018014908.467952763@linuxfoundation.org> In-Reply-To: <20151018014901.946875729@linuxfoundation.org> References: <20151018014901.946875729@linuxfoundation.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-15 Sender: linux-kernel-owner@vger.kernel.org List-ID: 4.1-stable review patch. If anyone has any objections, please let me know. ------------------ From: Andy Shevchenko commit ecc87eed7beeb50c0be0b73322d62135277ea2b0 upstream. In device_add_property_set() we check pset parameter for a NULL, but few lines later we do a pointer arithmetic without check that will crash kernel in the set_secondary_fwnode(). Here we check if pset parameter is NULL and return immediately. Fixes: 16ba08d5c9ec (device property: Introduce firmware node type for platform data) Signed-off-by: Andy Shevchenko Signed-off-by: Rafael J. Wysocki Signed-off-by: Greg Kroah-Hartman --- drivers/base/property.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) --- a/drivers/base/property.c +++ b/drivers/base/property.c @@ -26,9 +26,10 @@ */ void device_add_property_set(struct device *dev, struct property_set *pset) { - if (pset) - pset->fwnode.type = FWNODE_PDATA; + if (!pset) + return; + pset->fwnode.type = FWNODE_PDATA; set_secondary_fwnode(dev, &pset->fwnode); } EXPORT_SYMBOL_GPL(device_add_property_set);