Re: [PATCH] power: sequencing: fix NULL-pointer dereference in error path
From: Dan Carpenter
Date: Fri Jul 12 2024 - 10:59:14 EST
On Fri, Jul 12, 2024 at 04:45:46PM +0200, Bartosz Golaszewski wrote:
> From: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx>
>
> We may call pwrseq_target_free() on a target without the final unit
> assigned yet. In this case pwrseq_unit_put() will dereference
> a NULL-pointer. Add a check to the latter function.
>
> Fixes: 249ebf3f65f8 ("power: sequencing: implement the pwrseq core")
> Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> Closes: https://lore.kernel.org/linux-pm/62a3531e-9927-40f8-b587-254a2dfa47ef@stanley.mountain/
> Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx>
> ---
> drivers/power/sequencing/core.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/power/sequencing/core.c b/drivers/power/sequencing/core.c
> index 9c32b07a55e7..fe07100e4b33 100644
> --- a/drivers/power/sequencing/core.c
> +++ b/drivers/power/sequencing/core.c
> @@ -119,7 +119,8 @@ static void pwrseq_unit_release(struct kref *ref);
>
> static void pwrseq_unit_put(struct pwrseq_unit *unit)
> {
> - kref_put(&unit->ref, pwrseq_unit_release);
> + if (unit)
I was wondering where you would put the check. But it needs to be:
if (!IS_ERR_OR_NULL(unit))
regards,
dan carpenter
> + kref_put(&unit->ref, pwrseq_unit_release);
> }
>
> /**
> --
> 2.43.0