Re: [PATCH v2] media: rcar-csi2: Add checking to rcsi2_start_receiver()

From: Niklas Söderlund
Date: Thu Aug 12 2021 - 05:30:54 EST


Hi Nadezda,

Thanks for your patch.

On 2021-08-11 20:18:16 +0300, Nadezda Lutovinova wrote:
> If rcsi2_code_to_fmt() return NULL, then null pointer dereference occurs
> in the next cycle. That should not be possible now but adding checking
> protects from future bugs.
> The patch adds checking if format is NULL.
>
> Found by Linux Driver Verification project (linuxtesting.org).
>
> Signed-off-by: Nadezda Lutovinova <lutovinova@xxxxxxxxx>

Reviewed-by: Niklas Söderlund <niklas.soderlund+renesas@xxxxxxxxxxxx>

> ---
> v2: fix subject and commit message, remove dev_err()
> ---
> drivers/media/platform/rcar-vin/rcar-csi2.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/media/platform/rcar-vin/rcar-csi2.c b/drivers/media/platform/rcar-vin/rcar-csi2.c
> index e28eff039688..d28f83f7698b 100644
> --- a/drivers/media/platform/rcar-vin/rcar-csi2.c
> +++ b/drivers/media/platform/rcar-vin/rcar-csi2.c
> @@ -553,6 +553,8 @@ static int rcsi2_start_receiver(struct rcar_csi2 *priv)
>
> /* Code is validated in set_fmt. */
> format = rcsi2_code_to_fmt(priv->mf.code);
> + if (!format)
> + return -EINVAL;
>
> /*
> * Enable all supported CSI-2 channels with virtual channel and
> --
> 2.17.1
>

--
Regards,
Niklas Söderlund