diff mbox series

rtw88: don't treat NULL pointer as an array

Message ID 20200821211716.1631556-1-briannorris@chromium.org (mailing list archive)
State Accepted
Commit 22b726cbdd09d9891ede8aa122a950d2d0ae5e09
Delegated to: Kalle Valo
Headers show
Series rtw88: don't treat NULL pointer as an array | expand

Commit Message

Brian Norris Aug. 21, 2020, 9:17 p.m. UTC 
I'm not a standards expert, but this really looks to be undefined
behavior, when chip->dig_cck may be NULL. (And, we're trying to do a
NULL check a few lines down, because some chip variants will use NULL.)

Fixes: fc637a860a82 ("rtw88: 8723d: Set IG register for CCK rate")
Signed-off-by: Brian Norris <briannorris@chromium.org>
---
 drivers/net/wireless/realtek/rtw88/phy.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

Comments

Tony Chuang Aug. 24, 2020, 1:50 a.m. UTC | #1 
> 
> I'm not a standards expert, but this really looks to be undefined
> behavior, when chip->dig_cck may be NULL. (And, we're trying to do a
> NULL check a few lines down, because some chip variants will use NULL.)
> 
> Fixes: fc637a860a82 ("rtw88: 8723d: Set IG register for CCK rate")

Acked-by: Yan-Hsuan Chuang <yhchuang@realtek.com>
> Signed-off-by: Brian Norris <briannorris@chromium.org>
> ---
>  drivers/net/wireless/realtek/rtw88/phy.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/net/wireless/realtek/rtw88/phy.c
> b/drivers/net/wireless/realtek/rtw88/phy.c
> index 8d93f3159746..9687b376d221 100644
> --- a/drivers/net/wireless/realtek/rtw88/phy.c
> +++ b/drivers/net/wireless/realtek/rtw88/phy.c
> @@ -147,12 +147,13 @@ void rtw_phy_dig_write(struct rtw_dev *rtwdev, u8
> igi)
>  {
>  	struct rtw_chip_info *chip = rtwdev->chip;
>  	struct rtw_hal *hal = &rtwdev->hal;
> -	const struct rtw_hw_reg *dig_cck = &chip->dig_cck[0];
>  	u32 addr, mask;
>  	u8 path;
> 
> -	if (dig_cck)
> +	if (chip->dig_cck) {
> +		const struct rtw_hw_reg *dig_cck = &chip->dig_cck[0];
>  		rtw_write32_mask(rtwdev, dig_cck->addr, dig_cck->mask, igi >> 1);
> +	}
> 
>  	for (path = 0; path < hal->rf_path_num; path++) {
>  		addr = chip->dig[path].addr;

Thanks.
Yen-Hsuan
Kalle Valo Aug. 27, 2020, 10:04 a.m. UTC | #2 
Brian Norris <briannorris@chromium.org> wrote:

> I'm not a standards expert, but this really looks to be undefined
> behavior, when chip->dig_cck may be NULL. (And, we're trying to do a
> NULL check a few lines down, because some chip variants will use NULL.)
> 
> Fixes: fc637a860a82 ("rtw88: 8723d: Set IG register for CCK rate")
> Signed-off-by: Brian Norris <briannorris@chromium.org>
> Acked-by: Yan-Hsuan Chuang <yhchuang@realtek.com>

Patch applied to wireless-drivers-next.git, thanks.

22b726cbdd09 rtw88: don't treat NULL pointer as an array
diff mbox series

Patch

diff --git a/drivers/net/wireless/realtek/rtw88/phy.c b/drivers/net/wireless/realtek/rtw88/phy.c
index 8d93f3159746..9687b376d221 100644
--- a/drivers/net/wireless/realtek/rtw88/phy.c
+++ b/drivers/net/wireless/realtek/rtw88/phy.c
@@ -147,12 +147,13 @@  void rtw_phy_dig_write(struct rtw_dev *rtwdev, u8 igi)
 {
 	struct rtw_chip_info *chip = rtwdev->chip;
 	struct rtw_hal *hal = &rtwdev->hal;
-	const struct rtw_hw_reg *dig_cck = &chip->dig_cck[0];
 	u32 addr, mask;
 	u8 path;
 
-	if (dig_cck)
+	if (chip->dig_cck) {
+		const struct rtw_hw_reg *dig_cck = &chip->dig_cck[0];
 		rtw_write32_mask(rtwdev, dig_cck->addr, dig_cck->mask, igi >> 1);
+	}
 
 	for (path = 0; path < hal->rf_path_num; path++) {
 		addr = chip->dig[path].addr;