[PATCH v3] drivers/tty/serial: check the return value of uart_port_check()
From: Li Zhong
Date: Sat Sep 03 2022 - 20:46:01 EST
uart_port_check() will return NULL pointer when state->uart_port is
NULL. Check the return value before dereference it to avoid
null-pointer-dereference error because the locking does not guarantee
the return value is not NULL. Here we do not need unlock in the error
handling because the mutex_unlock() is called in callers.
Signed-off-by: Li Zhong <floridsleeves@xxxxxxxxx>
---
v3: Add the reason why we need to check the NULL value in the commit
message. The bug is detected by static analysis.
---
drivers/tty/serial/serial_core.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c
index 12c87cd201a7..760e177166cf 100644
--- a/drivers/tty/serial/serial_core.c
+++ b/drivers/tty/serial/serial_core.c
@@ -194,6 +194,9 @@ static int uart_port_startup(struct tty_struct *tty, struct uart_state *state,
unsigned long page;
int retval = 0;
+ if (!uport)
+ return -EIO;
+
if (uport->type == PORT_UNKNOWN)
return 1;
@@ -498,6 +501,8 @@ static void uart_change_speed(struct tty_struct *tty, struct uart_state *state,
struct ktermios *termios;
int hw_stopped;
+ if (!uport)
+ return;
/*
* If we have no tty, termios, or the port does not exist,
* then we can't set the parameters for this port.
@@ -1045,6 +1050,8 @@ static int uart_get_lsr_info(struct tty_struct *tty,
struct uart_port *uport = uart_port_check(state);
unsigned int result;
+ if (!uport)
+ return -EIO;
result = uport->ops->tx_empty(uport);
/*
--
2.25.1