mtd: Fix kernel NULL pointer dereference in physmap.c

During the probe for physmap platform flash devices there are a number error exit conditions that all do a goto err_out which then calls physmap_flash_remove(). In that function one of the cleanup steps is: #ifdef CONFIG_MTD_CONCAT if (info->cmtd != info->mtd[0]) mtd_concat_destroy(info->cmtd); #endif This test will succeed since info->cmtd == NULL and info->mtd[0] is valid. Fix this by exiting the remove function when info->cmtd == NULL. Also, cleanup the #ifdef CONFIG_MTD_PARTITIONS stuff by using mtd_has_partitions(). Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
git-mirror · Oct 20, 2009 · 4b56ffc · 4b56ffc
1 parent 2d098a7
commit 4b56ffc
Showing 1 changed file with 25 additions and 24 deletions.
diff --git a/drivers/mtd/maps/physmap.c b/drivers/mtd/maps/physmap.c
@@ -44,22 +44,23 @@ static int physmap_flash_remove(struct platform_device *dev)
 		return 0;
 	platform_set_drvdata(dev, NULL);
 
+	if (info->cmtd == NULL)
+		return 0;
+
 	physmap_data = dev->dev.platform_data;
 
-	if (info->cmtd) {
-#ifdef CONFIG_MTD_PARTITIONS
-		if (info->nr_parts || physmap_data->nr_parts)
+	if (mtd_has_partitions()) {
+		if (info->nr_parts || physmap_data->nr_parts) {
 			del_mtd_partitions(info->cmtd);
-		else
+
+			if (info->nr_parts)
+				kfree(info->parts);
+		} else {
 			del_mtd_device(info->cmtd);
-#else
+		}
+	} else {
 		del_mtd_device(info->cmtd);
-#endif
 	}
-#ifdef CONFIG_MTD_PARTITIONS
-	if (info->nr_parts)
-		kfree(info->parts);
-#endif
 
 #ifdef CONFIG_MTD_CONCAT
 	if (info->cmtd != info->mtd[0])
@@ -169,22 +170,22 @@ static int physmap_flash_probe(struct platform_device *dev)
 	if (err)
 		goto err_out;
 
-#ifdef CONFIG_MTD_PARTITIONS
-	err = parse_mtd_partitions(info->cmtd, part_probe_types,
-				&info->parts, 0);
-	if (err > 0) {
-		add_mtd_partitions(info->cmtd, info->parts, err);
-		info->nr_parts = err;
-		return 0;
-	}
+	if (mtd_has_partitions()) {
+		err = parse_mtd_partitions(info->cmtd, part_probe_types,
+					&info->parts, 0);
+		if (err > 0) {
+			add_mtd_partitions(info->cmtd, info->parts, err);
+			info->nr_parts = err;
+			return 0;
+		}
 
-	if (physmap_data->nr_parts) {
-		printk(KERN_NOTICE "Using physmap partition information\n");
-		add_mtd_partitions(info->cmtd, physmap_data->parts,
-				   physmap_data->nr_parts);
-		return 0;
+		if (physmap_data->nr_parts) {
+			printk(KERN_NOTICE "Using physmap partition information\n");
+			add_mtd_partitions(info->cmtd, physmap_data->parts,
+					physmap_data->nr_parts);
+			return 0;
+		}
 	}
-#endif
 
 	add_mtd_device(info->cmtd);
 	return 0;