mtd: Fix kernel NULL pointer dereference in physmap.c

During the probe for physmap platform flash devices there are a
number error exit conditions that all do a goto err_out which
then calls physmap_flash_remove().  In that function one of the
cleanup steps is:

#ifdef CONFIG_MTD_CONCAT
	if (info->cmtd != info->mtd[0])
		mtd_concat_destroy(info->cmtd);
#endif

This test will succeed since info->cmtd == NULL and info->mtd[0] is
valid.

Fix this by exiting the remove function when info->cmtd == NULL.

Also, cleanup the #ifdef CONFIG_MTD_PARTITIONS stuff by using
mtd_has_partitions().

Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

diff --git a/drivers/mtd/maps/physmap.c b/drivers/mtd/maps/physmap.c
index 380648e9051adc1b2d25eb295147859b40f2b140..65f52d4804a28b07aa691175e5a26818c3277ac5 100644 (file)
--- a/drivers/mtd/maps/physmap.c
+++ b/drivers/mtd/maps/physmap.c
@@ -44,22 +44,23 @@ static int physmap_flash_remove(struct platform_device *dev)
                return 0;
        platform_set_drvdata(dev, NULL);
 
+       if (info->cmtd == NULL)
+               return 0;
+
        physmap_data = dev->dev.platform_data;
 
-       if (info->cmtd) {
-#ifdef CONFIG_MTD_PARTITIONS
-               if (info->nr_parts || physmap_data->nr_parts)
+       if (mtd_has_partitions()) {
+               if (info->nr_parts || physmap_data->nr_parts) {
                        del_mtd_partitions(info->cmtd);
-               else
+
+                       if (info->nr_parts)
+                               kfree(info->parts);
+               } else {
                        del_mtd_device(info->cmtd);
-#else
+               }
+       } else {
                del_mtd_device(info->cmtd);
-#endif
        }
-#ifdef CONFIG_MTD_PARTITIONS
-       if (info->nr_parts)
-               kfree(info->parts);
-#endif
 
 #ifdef CONFIG_MTD_CONCAT
        if (info->cmtd != info->mtd[0])
@@ -169,22 +170,22 @@ static int physmap_flash_probe(struct platform_device *dev)
        if (err)
                goto err_out;
 
-#ifdef CONFIG_MTD_PARTITIONS
-       err = parse_mtd_partitions(info->cmtd, part_probe_types,
-                               &info->parts, 0);
-       if (err > 0) {
-               add_mtd_partitions(info->cmtd, info->parts, err);
-               info->nr_parts = err;
-               return 0;
-       }
+       if (mtd_has_partitions()) {
+               err = parse_mtd_partitions(info->cmtd, part_probe_types,
+                                       &info->parts, 0);
+               if (err > 0) {
+                       add_mtd_partitions(info->cmtd, info->parts, err);
+                       info->nr_parts = err;
+                       return 0;
+               }
 
-       if (physmap_data->nr_parts) {
-               printk(KERN_NOTICE "Using physmap partition information\n");
-               add_mtd_partitions(info->cmtd, physmap_data->parts,
-                                  physmap_data->nr_parts);
-               return 0;
+               if (physmap_data->nr_parts) {
+                       printk(KERN_NOTICE "Using physmap partition information\n");
+                       add_mtd_partitions(info->cmtd, physmap_data->parts,
+                                       physmap_data->nr_parts);
+                       return 0;
+               }
        }
-#endif
 
        add_mtd_device(info->cmtd);
        return 0;