diff options
author | Manoj Prabhu B <bmanoj@codeaurora.org> | 2017-06-01 14:44:16 +0530 |
---|---|---|
committer | Manoj Prabhu B <bmanoj@codeaurora.org> | 2017-06-01 15:26:42 +0530 |
commit | 440a3b7999214830d2c50761cb542fe89fd54f83 (patch) | |
tree | 7311668c2efd07a5cf9825a23af9e4c7ce93d276 /drivers/char | |
parent | bc9a6a81f4dd0748c458aae88c09073953632140 (diff) |
diag: dci: Add NULL pointer checks for dci buffers
The patch initializes dci peripheral buffers to NULL
to prevent access before allocation by validating buffer status.
CRs-Fixed: 2048635
Change-Id: I9be46e751da81cbbbae4fe0333c23101fdbf79ed
Signed-off-by: Manoj Prabhu B <bmanoj@codeaurora.org>
Diffstat (limited to 'drivers/char')
-rw-r--r-- | drivers/char/diag/diag_dci.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/drivers/char/diag/diag_dci.c b/drivers/char/diag/diag_dci.c index 4a83fc5cc68a..59f480c2c3af 100644 --- a/drivers/char/diag/diag_dci.c +++ b/drivers/char/diag/diag_dci.c @@ -2893,6 +2893,8 @@ int diag_dci_register_client(struct diag_dci_reg_tbl_t *reg_entry) new_entry->num_buffers = 1; break; } + + new_entry->buffers = NULL; new_entry->real_time = MODE_REALTIME; new_entry->in_service = 0; INIT_LIST_HEAD(&new_entry->list_write_buf); @@ -2966,7 +2968,8 @@ int diag_dci_register_client(struct diag_dci_reg_tbl_t *reg_entry) fail_alloc: if (new_entry) { - for (i = 0; i < new_entry->num_buffers; i++) { + for (i = 0; ((i < new_entry->num_buffers) && + new_entry->buffers); i++) { proc_buf = &new_entry->buffers[i]; if (proc_buf) { mutex_destroy(&proc_buf->health_mutex); |