Re: [PATCH v2] drivers/hid/hid-multitouch.c: fix a possible null pointer access.

From: Benjamin Tissoires
Date: Thu Dec 19 2019 - 04:26:00 EST


On Thu, Dec 19, 2019 at 3:46 AM Pan Zhang <zhangpan26@xxxxxxxxxx> wrote:
>
> 1002 if ((quirks & MT_QUIRK_IGNORE_DUPLICATES) && mt) {
> 1003 struct input_mt_slot *i_slot = &mt->slots[slotnum];
> 1004
> 1005 if (input_mt_is_active(i_slot) &&
> 1006 input_mt_is_used(mt, i_slot))
> 1007 return -EAGAIN;
> 1008 }
>
> We previously assumed 'mt' could be null (see line 1002).
>
> The following situation is similar, so add a judgement.
>
> Signed-off-by: Pan Zhang <zhangpan26@xxxxxxxxxx>
> ---

Thanks a lot for the quick respin.

Applied to for-5.5/upstream-fixes

Cheers,
Benjamin

> drivers/hid/hid-multitouch.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/hid/hid-multitouch.c b/drivers/hid/hid-multitouch.c
> index 3cfeb16..368de81 100644
> --- a/drivers/hid/hid-multitouch.c
> +++ b/drivers/hid/hid-multitouch.c
> @@ -1019,7 +1019,7 @@ static int mt_process_slot(struct mt_device *td, struct input_dev *input,
> tool = MT_TOOL_DIAL;
> else if (unlikely(!confidence_state)) {
> tool = MT_TOOL_PALM;
> - if (!active &&
> + if (!active && mt &&
> input_mt_is_active(&mt->slots[slotnum])) {
> /*
> * The non-confidence was reported for
> --
> 2.7.4
>