Skip to content

Commit

Permalink
rpmsg: glink: fix null pointer dereference on a null intent
Browse files Browse the repository at this point in the history 
In the case where glink->intentless is true and the call
to qcom_glink_tx fails then we have a condition where ret is
non-zero and intent is null, causing a null pointer deference
when setting intent->in_use to false.  Add an extra check to
only dereference intent if intent is non-null.

Detected by: CoverityScan CID#1455247 ("Explicit null dereferenced")

Fixes: 88c6060 ("rpmsg: glink: Handle remote rx done command")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
  • Loading branch information
Colin Ian King authored and Bjorn Andersson committed Sep 4, 2017
1 parent 2b41d6c commit 906cf29
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion drivers/rpmsg/qcom_glink_native.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1264,7 +1264,7 @@ static int __qcom_glink_send(struct glink_channel *channel,
ret = qcom_glink_tx(glink, &req, sizeof(req), data, len, wait);

/* Mark intent available if we failed */
if (ret)
if (ret && intent)
intent->in_use = false;

return ret;
Expand Down

0 comments on commit 906cf29

Please sign in to comment.