| Message ID | 20170530220520.GA8713@embeddedgus (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Hi Jason, Quoting Jason Gunthorpe <jgunthorpe@obsidianresearch.com>: > On Tue, May 30, 2017 at 05:05:20PM -0500, Gustavo A. R. Silva wrote: >> NULL check at line 376: if (!chip) {, implies chip might be NULL. >> Function dev_get_drvdata() dereference pointer chip. >> Move pointer tmp_dev assignment after the NULL check. > > chip cannot be null in st33zp24_send, please remove the bogus if > instead. > I get it. Thanks for clarifying. -- Gustavo A. R. Silva ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
diff --git a/drivers/char/tpm/st33zp24/st33zp24.c b/drivers/char/tpm/st33zp24/st33zp24.c index 4d1dc8b..f45e8c7 100644 --- a/drivers/char/tpm/st33zp24/st33zp24.c +++ b/drivers/char/tpm/st33zp24/st33zp24.c @@ -367,7 +367,7 @@ static irqreturn_t tpm_ioserirq_handler(int irq, void *dev_id) static int st33zp24_send(struct tpm_chip *chip, unsigned char *buf, size_t len) { - struct st33zp24_dev *tpm_dev = dev_get_drvdata(&chip->dev); + struct st33zp24_dev *tpm_dev; u32 status, i, size, ordinal; int burstcnt = 0; int ret; @@ -382,6 +382,7 @@ static int st33zp24_send(struct tpm_chip *chip, unsigned char *buf, if (ret < 0) return ret; + tpm_dev = dev_get_drvdata(&chip->dev); status = st33zp24_status(chip); if ((status & TPM_STS_COMMAND_READY) == 0) { st33zp24_cancel(chip);
NULL check at line 376: if (!chip) {, implies chip might be NULL. Function dev_get_drvdata() dereference pointer chip. Move pointer tmp_dev assignment after the NULL check. Addresses-Coverity-ID: 1397648 Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com> --- drivers/char/tpm/st33zp24/st33zp24.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)