[alsa-devel] [PATCH] ALSA: cs46xx: Potential NULL dereference in probe
The "chip->dsp_spos_instance" can be NULL on some of the ealier error paths in snd_cs46xx_create().
Reported-by: "Yavuz, Tuba" tuba@ece.ufl.edu Signed-off-by: Dan Carpenter dan.carpenter@oracle.com --- We don't really consider NULL derefences as security bugs unless they can be triggered remotely, but it's definitely worth fixing.
sound/pci/cs46xx/dsp_spos.c | 3 +++ 1 file changed, 3 insertions(+)
diff --git a/sound/pci/cs46xx/dsp_spos.c b/sound/pci/cs46xx/dsp_spos.c index 598d140bb7cb..5fc497c6d738 100644 --- a/sound/pci/cs46xx/dsp_spos.c +++ b/sound/pci/cs46xx/dsp_spos.c @@ -903,6 +903,9 @@ int cs46xx_dsp_proc_done (struct snd_cs46xx *chip) struct dsp_spos_instance * ins = chip->dsp_spos_instance; int i;
+ if (!ins) + return 0; + snd_info_free_entry(ins->proc_sym_info_entry); ins->proc_sym_info_entry = NULL;
On Tue, 08 Jan 2019 08:43:30 +0100, Dan Carpenter wrote:
The "chip->dsp_spos_instance" can be NULL on some of the ealier error paths in snd_cs46xx_create().
Reported-by: "Yavuz, Tuba" tuba@ece.ufl.edu Signed-off-by: Dan Carpenter dan.carpenter@oracle.com
Applied, thanks.
We don't really consider NULL derefences as security bugs unless they can be triggered remotely, but it's definitely worth fixing.
Right, I put Cc-to-stable tag as well.
Takashi
participants (2)
-
Dan Carpenter -
Takashi Iwai