Re: Fix ali5451 dereferenced before NULL check
From: Takashi Iwai
Date: Thu Mar 16 2006 - 06:05:44 EST
At Thu, 16 Mar 2006 09:36:02 +0800,
Eugene Teo wrote:
>
> pvoice is missing a NULL check. channel needs a bound check too.
Both checks are not necessary. There is a single caller to this
function, and the channel argument is a loop value of
for (channel = 0; channel < ALI_CHANNELS; channel++)
snd_ali_update_ptr(codec, channel);
pvoice is the address pointing a part of a structure, so it cannot be
NULL anyway. If a check were needed, it should be if (codec != NULL).
Takashi
>
> Coverity bug #862
>
> Signed-off-by: Eugene Teo <eugene.teo@xxxxxxxxxxxxx>
>
> --- linux-2.6/sound/pci/ali5451/ali5451.c~ 2006-03-15 10:05:45.000000000 +0800
> +++ linux-2.6/sound/pci/ali5451/ali5451.c 2006-03-16 09:27:53.000000000 +0800
> @@ -990,7 +990,13 @@
> if (!(old & mask))
> return;
>
> + if (channel < 0 || channel >= ALI_CHANNELS)
> + return;
> +
> pvoice = &codec->synth.voices[channel];
> + if (pvoice == NULL)
> + return;
> +
> runtime = pvoice->substream->runtime;
>
> udelay(100);
>
> --
> 1024D/A6D12F80 print D51D 2633 8DAC 04DB 7265 9BB8 5883 6DAA A6D1 2F80
> main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/