First testing if a pointer is NULL and if it is (or might be), proceeding
with code that dereferences that same pointer is clearly a mistake.
This happens in sound/isa/sb/sb8_midi.c::snd_sb8dsp_midi_interrupt()
The patch below reworks the code so this unfortunate case doesn't happen.
Also remove some blank comments.
Found by the Coverity checker as bug #367
Patch is compile testted only due to lack of hardware.
Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
#include <sound/core.h>
#include <sound/sb.h>
-/*
-
- */
-irqreturn_t snd_sb8dsp_midi_interrupt(struct snd_sb * chip)
+irqreturn_t snd_sb8dsp_midi_interrupt(struct snd_sb *chip)
{
struct snd_rawmidi *rmidi;
int max = 64;
char byte;
- if (chip == NULL || (rmidi = chip->rmidi) == NULL) {
+ if (!chip)
+ return IRQ_NONE;
+
+ rmidi = chip->rmidi;
+ if (!rmidi) {
inb(SBP(chip, DATA_AVAIL)); /* ack interrupt */
return IRQ_NONE;
}
+
spin_lock(&chip->midi_input_lock);
while (max-- > 0) {
if (inb(SBP(chip, DATA_AVAIL)) & 0x80) {
return IRQ_HANDLED;
}
-/*
-
- */
-
static int snd_sb8dsp_midi_input_open(struct snd_rawmidi_substream *substream)
{
unsigned long flags;
snd_sb8dsp_midi_output_write(substream);
}
-/*
-
- */
-
static struct snd_rawmidi_ops snd_sb8dsp_midi_output =
{
.open = snd_sb8dsp_midi_output_open,
projects / GitHub / LineageOS / android_kernel_samsung_universal7580.git / commitdiff