rpmsg: glink: fix null pointer dereference on a null intent

In the case where glink->intentless is true and the call
to qcom_glink_tx fails then we have a condition where ret is
non-zero and intent is null, causing a null pointer deference
when setting intent->in_use to false.  Add an extra check to
only dereference intent if intent is non-null.

Detected by: CoverityScan CID#1455247 ("Explicit null dereferenced")

Fixes: 88c6060f5a7f ("rpmsg: glink: Handle remote rx done command")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>

diff --git a/drivers/rpmsg/qcom_glink_native.c b/drivers/rpmsg/qcom_glink_native.c
index 666068202597e227d08e8053d4790baee1166a87..8bc0d0456a406b217c9386df9e3b238994283054 100644 (file)
--- a/drivers/rpmsg/qcom_glink_native.c
+++ b/drivers/rpmsg/qcom_glink_native.c
@@ -1264,7 +1264,7 @@ static int __qcom_glink_send(struct glink_channel *channel,
        ret = qcom_glink_tx(glink, &req, sizeof(req), data, len, wait);
 
        /* Mark intent available if we failed */
-       if (ret)
+       if (ret && intent)
                intent->in_use = false;
 
        return ret;