[PATCH] staging: media: lirc: lirc_zilog: Fix for possible null pointer dereference

Andy Walls awalls at md.metrocast.net
Sat Jan 31 00:01:24 UTC 2015


On Fri, 2015-01-30 at 08:09 -0500, Valdis.Kletnieks at vt.edu wrote:
> On Fri, 30 Jan 2015 16:00:02 +0300, Dan Carpenter said:
> 
> > > > -	if (ir == NULL) {
> > > > -		dev_err(ir->l.dev, "close: no private_data attached to the file
> !\n");
> > >
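Review bot: in the removed lines, `dev_err(ir->l.dev, ...)` is reached only when `ir == NULL`, so the check dereferences the very pointer it has just found to be NULL; dropping that branch is correct as it stands. If a diagnostic for a missing private_data is still wanted at this point, it has to be emitted through something that does not depend on the device, e.g. `pr_err("close: no private_data attached to the file!\n");`, or flagged with `WARN_ON(!ir)`, rather than through `ir->l.dev`.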

commit be4aa8157c981a8bb9634b886bf1180f97205259
removed the dprintk(), which didn't depend on ir->l.dev, with this
dev_err() call.  That was the wrong thing to do. pr_info() is probably
the right thing to use, if one doesn't have a struct device instance.  

> > > Yes, the dev_err() call is an obvious thinko.
> > >
> > > However, I'm not sure whether removing it entirely is right either.  If
> > > there *should* be a struct IR * passed there, maybe some other printk()
> > > should be issued, or even a WARN_ON(!ir), or something?
> >
> > We set filep->private_data to non-NULL in open() so I don't think it can
> > be NULL here.
> 
> Then probably the *right* fix is to remove the *entire* if statement, as
> we can't end up doing the 'return -ENODEV'....

The if() clause is here as an artifact of being part of a mass port of
lirc drivers from userspace.  I never removed it, because I needed it
when fixing all the lirc_zilog.c ref counting.

IF I got all the lirc_zilog ref counting right, and the upper layers of
the kernel never call close() in error, then this if() statement is not
needed.

I welcome anyone wishing to audit the ref-counting in lirc_zilog.  It
was mentally exhausting to get to what I think is right.  Maybe I just
tire easily mentally though. :)

-Andy
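
The pattern under discussion, as an added example that is not part of the patch or of lirc_zilog.c: a userspace C model of a close() handler whose NULL check logs through the pointer it is testing, next to a variant that logs without the device and asserts the "cannot happen" case. The kernel types and helpers (struct file, struct device, dev_err(), pr_err(), WARN_ON(), -ENODEV) are replaced by minimal stand-ins so the file compiles and runs offline; their shapes are assumptions for illustration, not the driver's real definitions.

```c
/* Added example, not from the patch or the driver: models the close() NULL
 * check discussed in the thread in plain userspace C. Kernel APIs are
 * replaced by small stand-ins (assumed shapes, not the real definitions). */
#include <stdio.h>
#include <stddef.h>
#include <errno.h>

/* Stand-ins for the kernel types (assumption: simplified shapes). */
struct device   { const char *name; };
struct lirc_dev { struct device *dev; };
struct IR       { struct lirc_dev l; int open_count; };
struct file     { void *private_data; };

/* Stand-in for WARN_ON(): counts how often a "cannot happen" condition fired. */
static int warn_count;
#define WARN_ON(cond) ((cond) ? (warn_count++, 1) : 0)

/* Stand-in loggers: dev_err() needs a struct device, pr_err() does not. */
#define dev_err(dev, fmt, ...) fprintf(stderr, "%s: " fmt, (dev)->name, ##__VA_ARGS__)
#define pr_err(fmt, ...)       fprintf(stderr, "lirc_zilog: " fmt, ##__VA_ARGS__)

/* Shape of the removed check: dev_err() is reached only when ir == NULL, so
 * ir->l.dev dereferences NULL on exactly that path. Never call this with a
 * file whose private_data is NULL; it is here to show the defect. */
static int close_buggy(struct file *filep)
{
    struct IR *ir = filep->private_data;

    if (ir == NULL) {
        dev_err(ir->l.dev, "close: no private_data attached to the file!\n");
        return -ENODEV;
    }
    ir->open_count--;
    return 0;
}

/* Defensive variant: the message must not depend on the pointer being tested,
 * so log via pr_err(), and WARN_ON() makes the impossible case loud. */
static int close_fixed(struct file *filep)
{
    struct IR *ir = filep->private_data;

    if (WARN_ON(ir == NULL)) {
        pr_err("close: no private_data attached to the file!\n");
        return -ENODEV;
    }
    ir->open_count--;
    return 0;
}

/* Stand-in for the open() side that, as the thread notes, sets private_data
 * to non-NULL so the check above is normally unreachable. */
static int open_ok(struct file *filep, struct IR *ir)
{
    ir->open_count++;
    filep->private_data = ir;
    return 0;
}

int main(void)
{
    struct device dev = { "i2c-zilog" };      /* constructed sample device */
    struct IR ir = { { &dev }, 0 };
    struct file f = { NULL };
    struct file stray = { NULL };             /* the case the removed check guarded */

    open_ok(&f, &ir);
    printf("close with private_data: %d (open_count=%d)\n",
           close_fixed(&f), ir.open_count);
    printf("close without private_data: %d (warnings=%d)\n",
           close_fixed(&stray), warn_count);
    return 0;
}
```

With a valid private_data both handlers behave identically; only the fixed variant survives a file that was never paired with a struct IR, which is the path the original dev_err() could not log.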


