From: Oliver Neukum Date: Thu, 20 Dec 2007 11:23:03 +0000 (+0100) Subject: USB: fix NULL pointer dereference on drivers/usb/serial/whiteheat.c X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=e58679805dab3fb75df88141d9d869904a93337f;p=GitHub%2FLineageOS%2Fandroid_kernel_samsung_universal7580.git USB: fix NULL pointer dereference on drivers/usb/serial/whiteheat.c Am Sonntag, 16. Dezember 2007 05:23:47 schrieb Andrew Morton: > On Sat, 15 Dec 2007 07:08:52 -0800 (PST) bugme-daemon@bugzilla.kernel.org wrote: > > > http://bugzilla.kernel.org/show_bug.cgi?id=9573 > > There's a null pointer dereference on drivers/usb/serial/whiteheat.c as > > follows: > > > > (1) line 613: the test "if (port->tty)" implies that null is a legal value > > for "port->tty" at that point > > > > (2) neither firm_open nor firm_purge initialize "port->tty" drivers/usb/serial/usb-serial::serial_open() sets port->tty The check for NULL is bogus. This patch removes the check. Signed-off-by: Oliver Neukum Acked-by: Alan Cox Signed-off-by: Greg Kroah-Hartman --- diff --git a/drivers/usb/serial/whiteheat.c b/drivers/usb/serial/whiteheat.c index ee5dd8b5a71..f5033d482ee 100644 --- a/drivers/usb/serial/whiteheat.c +++ b/drivers/usb/serial/whiteheat.c @@ -610,8 +610,7 @@ static int whiteheat_open (struct usb_serial_port *port, struct file *filp) if (retval) goto exit; - if (port->tty) - port->tty->low_latency = 1; + port->tty->low_latency = 1; /* send an open port command */ retval = firm_open(port);