1. Patchew
  2. linux
  3. View series

[PATCH] gdm7240: Add check for NULL for callback in r

Ekaterina Esina posted 1 patch 3 years, 4 months ago 
drivers/staging/gdm724x/gdm_usb.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
[PATCH] gdm7240: Add check for NULL for callback in r
Posted by Ekaterina Esina 3 years, 4 months ago 
Before dereferencing r->callback check it for NULL.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 61e121047645 ("staging: gdm7240: adding LTE USB driver")
Signed-off-by: Ekaterina Esina <eesina@astralinux.ru>
---
 drivers/staging/gdm724x/gdm_usb.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/staging/gdm724x/gdm_usb.c b/drivers/staging/gdm724x/gdm_usb.c
index 54bdb64f52e8..7cf89f4c95c4 100644
--- a/drivers/staging/gdm724x/gdm_usb.c
+++ b/drivers/staging/gdm724x/gdm_usb.c
@@ -409,10 +409,12 @@ static void do_rx(struct work_struct *work)
 		switch (cmd_evt) {
 		case LTE_GET_INFORMATION_RESULT:
 			if (set_mac_address(hci->data, r->cb_data) == 0) {
-				r->callback(r->cb_data,
+				if (r->callback) {
+					r->callback(r->cb_data,
 					    r->buf,
 					    r->urb->actual_length,
 					    KERNEL_THREAD);
+				}
 			}
 			break;
 
-- 
2.30.2
Re: [PATCH] gdm7240: Add check for NULL for callback in r
Posted by Dan Carpenter 3 years, 4 months ago 
On Wed, Nov 23, 2022 at 04:23:45PM +0300, Ekaterina Esina wrote:
> Before dereferencing r->callback check it for NULL.
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> Fixes: 61e121047645 ("staging: gdm7240: adding LTE USB driver")
> Signed-off-by: Ekaterina Esina <eesina@astralinux.ru>
> ---
>  drivers/staging/gdm724x/gdm_usb.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/staging/gdm724x/gdm_usb.c b/drivers/staging/gdm724x/gdm_usb.c
> index 54bdb64f52e8..7cf89f4c95c4 100644
> --- a/drivers/staging/gdm724x/gdm_usb.c
> +++ b/drivers/staging/gdm724x/gdm_usb.c
> @@ -409,10 +409,12 @@ static void do_rx(struct work_struct *work)
>  		switch (cmd_evt) {
>  		case LTE_GET_INFORMATION_RESULT:
>  			if (set_mac_address(hci->data, r->cb_data) == 0) {
> -				r->callback(r->cb_data,
> +				if (r->callback) {

What makes you think r->callback can be NULL?

So far as I can see that's not possible.  It is checked before it's
added to the list in gdm_usb_rcv_complete().

regards,
dan carpenter

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.