From: Sylwester Nawrocki Date: Wed, 9 Jan 2013 18:09:55 +0000 (-0300) Subject: [media] s5p-fimc: Avoid null pointer dereference in fimc_capture_ctrls_create() X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=031f515b3d303eca80518ed9a71c79ed420b352a;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git [media] s5p-fimc: Avoid null pointer dereference in fimc_capture_ctrls_create() With presence of some faults, e.g. caused by wrong platform data or the device tree structure the IDX_SENSOR entry in the array may be NULL, so make sure it is not dereferenced then. Signed-off-by: Sylwester Nawrocki Signed-off-by: Kyungmin Park Signed-off-by: Mauro Carvalho Chehab --- diff --git a/drivers/media/platform/s5p-fimc/fimc-capture.c b/drivers/media/platform/s5p-fimc/fimc-capture.c index df6fc6c7eecd..5ec2f48f7db5 100644 --- a/drivers/media/platform/s5p-fimc/fimc-capture.c +++ b/drivers/media/platform/s5p-fimc/fimc-capture.c @@ -486,6 +486,7 @@ static struct vb2_ops fimc_capture_qops = { int fimc_capture_ctrls_create(struct fimc_dev *fimc) { struct fimc_vid_cap *vid_cap = &fimc->vid_cap; + struct v4l2_subdev *sensor = fimc->pipeline.subdevs[IDX_SENSOR]; int ret; if (WARN_ON(vid_cap->ctx == NULL)) @@ -494,11 +495,13 @@ int fimc_capture_ctrls_create(struct fimc_dev *fimc) return 0; ret = fimc_ctrls_create(vid_cap->ctx); - if (ret || vid_cap->user_subdev_api || !vid_cap->ctx->ctrls.ready) + + if (ret || vid_cap->user_subdev_api || !sensor || + !vid_cap->ctx->ctrls.ready) return ret; return v4l2_ctrl_add_handler(&vid_cap->ctx->ctrls.handler, - fimc->pipeline.subdevs[IDX_SENSOR]->ctrl_handler, NULL); + sensor->ctrl_handler, NULL); } static int fimc_capture_set_default_format(struct fimc_dev *fimc);