Re: [PATCH] char: tmp: fix potential null pointer dereference

From: Jarkko Sakkinen
Date: Wed May 31 2017 - 08:11:37 EST


On Tue, May 30, 2017 at 04:51:23PM -0500, Gustavo A. R. Silva wrote:
> NULL check at line 147: if (chip) {, implies chip might be NULL.
> Function dev_get_drvdata() dereference pointer chip.
> Move pointer priv assignment inside the IF block that checks
> pointer chip.
>
> Addresses-Coverity-ID: 1397646
> Signed-off-by: Gustavo A. R. Silva <garsilva@xxxxxxxxxxxxxx>

It cannot be.

/Jarkko

> ---
> drivers/char/tpm/tpm_atmel.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/char/tpm/tpm_atmel.c b/drivers/char/tpm/tpm_atmel.c
> index 0d322ab..0826efd 100644
> --- a/drivers/char/tpm/tpm_atmel.c
> +++ b/drivers/char/tpm/tpm_atmel.c
> @@ -142,9 +142,10 @@ static struct platform_device *pdev;
> static void atml_plat_remove(void)
> {
> struct tpm_chip *chip = dev_get_drvdata(&pdev->dev);
> - struct tpm_atmel_priv *priv = dev_get_drvdata(&chip->dev);
> + struct tpm_atmel_priv *priv;
>
> if (chip) {
> + priv = dev_get_drvdata(&chip->dev);
> tpm_chip_unregister(chip);
> if (priv->have_region)
> atmel_release_region(priv->base, priv->region_size);
> --
> 2.5.0
>