omap-mmc: Fix possible NULL pointer deref

Message ID	1299089903.13604.19.camel@marge (mailing list archive)
State	New, archived
Headers	show Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id p22IIUd2025444 for <patchwork-linux-mmc@patchwork.kernel.org>; Wed, 2 Mar 2011 18:18:30 GMT Subject: [PATCH] omap-mmc: Fix possible NULL pointer deref From: Michael Buesch <mb@bu3sch.de> To: Chris Ball <cjb@laptop.org> Cc: linux-omap <linux-omap@vger.kernel.org>, linux-mmc@vger.kernel.org, Tony Lindgren <tony@atomide.com> Content-Type: text/plain; charset="UTF-8" Date: Wed, 02 Mar 2011 19:18:23 +0100 Message-ID: <1299089903.13604.19.camel@marge> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-mmc-owner@vger.kernel.org Precedence: bulk

Message ID

1299089903.13604.19.camel@marge (mailing list archive)

State

New, archived

Headers

Subject: [PATCH] omap-mmc: Fix possible NULL pointer deref
From: Michael Buesch <mb@bu3sch.de>
To: Chris Ball <cjb@laptop.org>
Cc: linux-omap <linux-omap@vger.kernel.org>, linux-mmc@vger.kernel.org,
	Tony Lindgren <tony@atomide.com>
Content-Type: text/plain; charset="UTF-8"
Date: Wed, 02 Mar 2011 19:18:23 +0100
Message-ID: <1299089903.13604.19.camel@marge>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Sender: linux-mmc-owner@vger.kernel.org
Precedence: bulk

Comments

Chris Ball April 11, 2011, 9:02 p.m. UTC | #1

Hi,

On Wed, Mar 02 2011, Michael Buesch wrote:
> Either OMAP_MMC_STAT_CARD_ERR or OMAP_MMC_STAT_END_OF_CMD might
> fire if there is no host->cmd pointer.
> Check for a valid host->cmd pointer before calling mmc_omap_cmd_done().
>
> Signed-off-by: Michael Buesch <mb@bu3sch.de>
> Acked-by: Tony Lindgren <tony@atomide.com>
>
> ---
>
> Fixes
>
> [    3.814483] Unable to handle kernel NULL pointer dereference at virtual address 00000018
> ...
> [    3.841247] CPU: 0    Not tainted  (2.6.38-rc6 #5)
> [    3.846374] PC is at mmc_omap_cmd_done+0x1c/0x154
> [    3.851379] LR is at mmc_omap_cmd_done+0x1c/0x154
> ...
> [    4.140014] [<c0234af0>] (mmc_omap_cmd_done+0x1c/0x154) from [<c0234ea4>] (mmc_omap_irq+0x27c/0x32c)
> [    4.149749] [<c0234ea4>] (mmc_omap_irq+0x27c/0x32c) from [<c008645c>] (handle_IRQ_event+0x24/0xe4)
> [    4.159332] [<c008645c>] (handle_IRQ_event+0x24/0xe4) from [<c0087dac>] (handle_level_irq+0xbc/0x13c)
> [    4.169158] [<c0087dac>] (handle_level_irq+0xbc/0x13c) from [<c002b070>] (asm_do_IRQ+0x70/0x94)
> [    4.178466] [<c002b070>] (asm_do_IRQ+0x70/0x94) from [<c003016c>] (__irq_svc+0x4c/0xb8)
>
>
> Index: linux-omap-2.6/drivers/mmc/host/omap.c
> ===================================================================
> --- linux-omap-2.6.orig/drivers/mmc/host/omap.c	2011-02-27 12:32:03.051061690 +0100
> +++ linux-omap-2.6/drivers/mmc/host/omap.c	2011-02-27 12:32:27.622530875 +0100
> @@ -832,7 +832,7 @@
>  		return IRQ_HANDLED;
>  	}
>  
> -	if (end_command)
> +	if (end_command && host->cmd)
>  		mmc_omap_cmd_done(host, host->cmd);
>  	if (host->data != NULL) {
>  		if (transfer_error)
>
>

Thanks, pushed to mmc-next.

- Chris.

Index: linux-omap-2.6/drivers/mmc/host/omap.c
===================================================================
--- linux-omap-2.6.orig/drivers/mmc/host/omap.c	2011-02-27 12:32:03.051061690 +0100
+++ linux-omap-2.6/drivers/mmc/host/omap.c	2011-02-27 12:32:27.622530875 +0100
@@ -832,7 +832,7 @@ 
 		return IRQ_HANDLED;
 	}
 
-	if (end_command)
+	if (end_command && host->cmd)
 		mmc_omap_cmd_done(host, host->cmd);
 	if (host->data != NULL) {
 		if (transfer_error)

omap-mmc: Fix possible NULL pointer deref

Commit Message

Comments

Patch