Re: [PATCH 9/11] drivers/platform/x86: Eliminate a NULL pointerdereference

From: Julia Lawall
Date: Thu May 27 2010 - 12:32:25 EST


From: Julia Lawall <julia@xxxxxxx>

Give different error messages if device_enum is NULL or if its type field
has the wrong value.

A simplified version of the semantic match that finds this problem is as
follows: (http://coccinelle.lip6.fr/)

// <smpl>
@r exists@
expression E,E1;
identifier f;
statement S1,S2,S3;
@@

if ((E == NULL && ...) || ...)
{
... when != if (...) S1 else S2
when != E = E1
* E->f
... when any
return ...;
}
else S3
// </smpl>

Signed-off-by: Julia Lawall <julia@xxxxxxx>

---
drivers/platform/x86/sony-laptop.c | 10 +++++++---
1 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/platform/x86/sony-laptop.c b/drivers/platform/x86/sony-laptop.c
index 1387c5f..a47fd4e 100644
--- a/drivers/platform/x86/sony-laptop.c
+++ b/drivers/platform/x86/sony-laptop.c
@@ -1196,9 +1196,13 @@ static void sony_nc_rfkill_setup(struct acpi_device *device)
}

device_enum = (union acpi_object *) buffer.pointer;
- if (!device_enum || device_enum->type != ACPI_TYPE_BUFFER) {
- printk(KERN_ERR "Invalid SN06 return object 0x%.2x\n",
- device_enum->type);
+ if (!device_enum) {
+ pr_err("Invalid SN06 return object\n");
+ goto out_no_enum;
+ }
+ if (device_enum->type != ACPI_TYPE_BUFFER) {
+ pr_err("Invalid SN06 return object type 0x%.2x\n",
+ device_enum->type);
goto out_no_enum;
}

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/