From: Aditya Pakki <pakki001@umn.edu>
Date: Sun, 15 Dec 2019 15:34:08 +0000 (-0600)
Subject: rfkill: Fix incorrect check to avoid NULL pointer dereference
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=c7a6c3d2c372a592c975cda98a479287ebd169d1;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git

rfkill: Fix incorrect check to avoid NULL pointer dereference

[ Upstream commit 6fc232db9e8cd50b9b83534de9cd91ace711b2d7 ]

In rfkill_register, the struct rfkill pointer is first derefernced
and then checked for NULL. This patch removes the BUG_ON and returns
an error to the caller in case rfkill is NULL.

Signed-off-by: Aditya Pakki <pakki001@umn.edu>
Link: https://lore.kernel.org/r/20191215153409.21696-1-pakki001@umn.edu
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---

diff --git a/net/rfkill/core.c b/net/rfkill/core.c
index 99a2e55b01cf..e31b4288f32c 100644
--- a/net/rfkill/core.c
+++ b/net/rfkill/core.c
@@ -998,10 +998,13 @@ static void rfkill_sync_work(struct work_struct *work)
 int __must_check rfkill_register(struct rfkill *rfkill)
 {
 	static unsigned long rfkill_no;
-	struct device *dev = &rfkill->dev;
+	struct device *dev;
 	int error;
 
-	BUG_ON(!rfkill);
+	if (!rfkill)
+		return -EINVAL;
+
+	dev = &rfkill->dev;
 
 	mutex_lock(&rfkill_global_mutex);