From: Peter Huewe Date: Wed, 30 Oct 2013 00:40:28 +0000 (+0100) Subject: tpm/tpm_ppi: Check return value of acpi_get_name X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=238b1eaa59e6a8e2993af0db9ec2255bfa53927b;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git tpm/tpm_ppi: Check return value of acpi_get_name If status = acpi_get_name(handle, ACPI_FULL_PATHNAME, &buffer); fails for whatever reason and does not return AE_OK if (strstr(buffer.pointer, context) != NULL) { does dereference a null pointer. -> Check the return value and return the status to the caller Found by coverity Cc: stable@vger.kernel.org Signed-off-by: Peter Huewe --- diff --git a/drivers/char/tpm/tpm_ppi.c b/drivers/char/tpm/tpm_ppi.c index 18c5810b646b..6ac9d275b732 100644 --- a/drivers/char/tpm/tpm_ppi.c +++ b/drivers/char/tpm/tpm_ppi.c @@ -30,6 +30,9 @@ static acpi_status ppi_callback(acpi_handle handle, u32 level, void *context, acpi_status status; struct acpi_buffer buffer = { ACPI_ALLOCATE_BUFFER, NULL }; status = acpi_get_name(handle, ACPI_FULL_PATHNAME, &buffer); + if (ACPI_FAILURE(status)) + return status; + if (strstr(buffer.pointer, context) != NULL) { *return_value = handle; kfree(buffer.pointer);