FROMLIST: android: binder: Fix null ptr dereference in debug msg
author Sherry Yang <sherryy@android.com>
Thu, 5 Oct 2017 21:13:47 +0000 (17:13 -0400)
committer Danny Wood <danwood76@gmail.com>
Fri, 8 Nov 2019 12:03:13 +0000 (12:03 +0000)
(from https://patchwork.kernel.org/patch/9990323/)

Don't access next->data in kernel debug message when the
next buffer is null.

Bug: 36007193
Change-Id: Ib8240d7e9a7087a2256e88c0ae84b9df0f2d0224
Acked-by: Arve Hjønnevåg <arve@android.com>
Signed-off-by: Sherry Yang <sherryy@android.com>
drivers/android/binder_alloc.c

index 2ca2b02f82bb28a1023c7aaff994d623d4ffd8ac..fe842a38b65f8567d5ef17e9ac1d65b22d440bae 100644 (file)
@@ -520,7 +520,7 @@ static void binder_delete_free_buffer(struct binder_alloc *alloc,
                binder_alloc_debug(BINDER_DEBUG_BUFFER_ALLOC,
                                   "%d: merge free, buffer %pK do not share page with %pK or %pK\n",
                                   alloc->pid, buffer->data,
-                                  prev->data, next->data);
+                                  prev->data, next ? next->data : NULL);
                binder_update_page_range(alloc, 0, buffer_start_page(buffer),
                                         buffer_start_page(buffer) + PAGE_SIZE,
                                         NULL);
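Review bot: In the binder_alloc_debug() argument list, prev->data is still dereferenced unconditionally on the same line where next now gets a NULL check. If prev can never be NULL at this point in binder_delete_free_buffer(), which the visible context does not show, a short comment saying so would explain the asymmetry; otherwise it should be guarded the same way, as in `prev ? prev->data : NULL`. The commit message would also be easier to audit if it said under which condition next is NULL here, since the hunk alone does not show where next is assigned.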