| Message ID | 20250409211727.62710-1-siddarthsgml@gmail.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | staging/media/imx: fix null pointer dereference | expand |
On Thu, Apr 10, 2025 at 02:47:27AM +0530, Siddarth G wrote: > Cppcheck warnings: > > drivers/staging/media/imx/imx-media-fim.c:79:6: > error: Null pointer dereference: fi [ctunullpointer] > if (fi->denominator == 0) { > > drivers/staging/media/imx/imx-media-csi.c:795:27: > note: Calling function imx_media_fim_set_stream, 2nd argument is null > imx_media_fim_set_stream(priv->fim, NULL, false); ^^^^^ This is a false positive. The false means that we don't call update_fim_nominal(). Btw, Smatch parses this one correctly. > > drivers/staging/media/imx/imx-media-fim.c:388:3: > note: Calling function update_fim_nominal, 2nd argument is null > update_fim_nominal(fim, fi); > > drivers/staging/media/imx/imx-media-fim.c:79:6: > note: Dereferencing argument fi that is null > if (fi->denominator == 0) { > > To fix the issue, add a check to validate that the 'fi' is not > null before accessing its members. > > Signed-off-by: Siddarth G <siddarthsgml@gmail.com> Don't resend because we just ignore false positives instead of trying to silence them. But if this were a real bug then it would need a Fixes tag. > --- > drivers/staging/media/imx/imx-media-fim.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/staging/media/imx/imx-media-fim.c b/drivers/staging/media/imx/imx-media-fim.c > index ccbc0371fba2..25f79d0f87b9 100644 > --- a/drivers/staging/media/imx/imx-media-fim.c > +++ b/drivers/staging/media/imx/imx-media-fim.c > @@ -76,6 +76,9 @@ static bool icap_enabled(struct imx_media_fim *fim) > static void update_fim_nominal(struct imx_media_fim *fim, > const struct v4l2_fract *fi) > { > + if (!fi) > + return; If this were a real bug, then probably the NULL check would be better in the caller. regards, dan carpenter > + > if (fi->denominator == 0) { > dev_dbg(fim->sd->dev, "no frame interval, FIM disabled\n"); > fim->enabled = false; > -- > 2.43.0 >
diff --git a/drivers/staging/media/imx/imx-media-fim.c b/drivers/staging/media/imx/imx-media-fim.c index ccbc0371fba2..25f79d0f87b9 100644 --- a/drivers/staging/media/imx/imx-media-fim.c +++ b/drivers/staging/media/imx/imx-media-fim.c @@ -76,6 +76,9 @@ static bool icap_enabled(struct imx_media_fim *fim) static void update_fim_nominal(struct imx_media_fim *fim, const struct v4l2_fract *fi) { + if (!fi) + return; + if (fi->denominator == 0) { dev_dbg(fim->sd->dev, "no frame interval, FIM disabled\n"); fim->enabled = false;
Cppcheck warnings: drivers/staging/media/imx/imx-media-fim.c:79:6: error: Null pointer dereference: fi [ctunullpointer] if (fi->denominator == 0) { drivers/staging/media/imx/imx-media-csi.c:795:27: note: Calling function imx_media_fim_set_stream, 2nd argument is null imx_media_fim_set_stream(priv->fim, NULL, false); drivers/staging/media/imx/imx-media-fim.c:388:3: note: Calling function update_fim_nominal, 2nd argument is null update_fim_nominal(fim, fi); drivers/staging/media/imx/imx-media-fim.c:79:6: note: Dereferencing argument fi that is null if (fi->denominator == 0) { To fix the issue, add a check to validate that the 'fi' is not null before accessing its members. Signed-off-by: Siddarth G <siddarthsgml@gmail.com> --- drivers/staging/media/imx/imx-media-fim.c | 3 +++ 1 file changed, 3 insertions(+)