From: Jesper Juhl Date: Thu, 13 Jan 2011 22:05:47 +0000 (-0300) Subject: [media] gspca/stv06xx_pb0100: Don't potentially deref NULL in pb0100_start() X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=dadefe3b710b706b607b51e901bbe6fb05cc515c;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git [media] gspca/stv06xx_pb0100: Don't potentially deref NULL in pb0100_start() usb_altnum_to_altsetting() may return NULL. If it does we'll dereference a NULL pointer in drivers/media/video/gspca/stv06xx/stv06xx_pb0100.c::pb0100_start(). As far as I can tell there's not really anything more sensible than -ENODEV that we can return in that situation, but I'm not at all intimate with this code so I'd like a bit of review/comments on this before it's applied. Anyway, here's a proposed patch. Signed-off-by: Jesper Juhl Cc: Jean-Francois Moine Cc: Hans de Goede Cc: Erik Andren Signed-off-by: Mauro Carvalho Chehab --- diff --git a/drivers/media/video/gspca/stv06xx/stv06xx_pb0100.c b/drivers/media/video/gspca/stv06xx/stv06xx_pb0100.c index ac47b4c94388..75a5b9c2f15f 100644 --- a/drivers/media/video/gspca/stv06xx/stv06xx_pb0100.c +++ b/drivers/media/video/gspca/stv06xx/stv06xx_pb0100.c @@ -217,6 +217,8 @@ static int pb0100_start(struct sd *sd) intf = usb_ifnum_to_if(sd->gspca_dev.dev, sd->gspca_dev.iface); alt = usb_altnum_to_altsetting(intf, sd->gspca_dev.alt); + if (!alt) + return -ENODEV; packet_size = le16_to_cpu(alt->endpoint[0].desc.wMaxPacketSize); /* If we don't have enough bandwidth use a lower framerate */