diag: dci: Add NULL pointer checks for dci buffers

The patch initializes dci peripheral buffers to NULL to prevent access before allocation by validating buffer status. CRs-Fixed: 2048635 Change-Id: I9be46e751da81cbbbae4fe0333c23101fdbf79ed Signed-off-by: Manoj Prabhu B <bmanoj@codeaurora.org>
author: Manoj Prabhu B <bmanoj@codeaurora.org> 2017-06-01 14:44:16 +0530
committer: Manoj Prabhu B <bmanoj@codeaurora.org> 2017-06-01 15:26:42 +0530
commit: 440a3b7999214830d2c50761cb542fe89fd54f83 (patch)
tree: 7311668c2efd07a5cf9825a23af9e4c7ce93d276 /drivers/char
parent: bc9a6a81f4dd0748c458aae88c09073953632140 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/drivers/char/diag/diag_dci.c b/drivers/char/diag/diag_dci.c
index 4a83fc5cc68a..59f480c2c3af 100644
--- a/drivers/char/diag/diag_dci.c
+++ b/drivers/char/diag/diag_dci.c
@@ -2893,6 +2893,8 @@ int diag_dci_register_client(struct diag_dci_reg_tbl_t *reg_entry)
 		new_entry->num_buffers = 1;
 		break;
 	}
+
+	new_entry->buffers = NULL;
 	new_entry->real_time = MODE_REALTIME;
 	new_entry->in_service = 0;
 	INIT_LIST_HEAD(&new_entry->list_write_buf);
@@ -2966,7 +2968,8 @@ int diag_dci_register_client(struct diag_dci_reg_tbl_t *reg_entry)
 
 fail_alloc:
 	if (new_entry) {
-		for (i = 0; i < new_entry->num_buffers; i++) {
+		for (i = 0; ((i < new_entry->num_buffers) &&
+			new_entry->buffers); i++) {
 			proc_buf = &new_entry->buffers[i];
 			if (proc_buf) {
 				mutex_destroy(&proc_buf->health_mutex);
author	Manoj Prabhu B <bmanoj@codeaurora.org>	2017-06-01 14:44:16 +0530
committer	Manoj Prabhu B <bmanoj@codeaurora.org>	2017-06-01 15:26:42 +0530
commit	440a3b7999214830d2c50761cb542fe89fd54f83 (patch)
tree	7311668c2efd07a5cf9825a23af9e4c7ce93d276 /drivers/char
parent	bc9a6a81f4dd0748c458aae88c09073953632140 (diff)