[2.6 patch] drivers/acpi/video.c: fix a NULL pointer dereference
From: Adrian Bunk
Date: Sat Mar 11 2006 - 10:09:51 EST
On Fri, Mar 10, 2006 at 11:00:45PM -0500, Brown, Len wrote:
>
> >The Coverity checker spotted this obvious bug in
> >acpi_video_device_lcd_query_levels().
> >
> >
> >
> >Signed-off-by: Adrian Bunk <bunk@xxxxxxxxx>
> >
> >--- linux-2.6.16-rc5-mm3-full/drivers/acpi/video.c.old
> >2006-03-10 18:04:18.000000000 +0100
> >+++ linux-2.6.16-rc5-mm3-full/drivers/acpi/video.c
> >2006-03-10 18:04:33.000000000 +0100
> >@@ -321,11 +321,11 @@ acpi_video_device_lcd_query_levels(struc
> >
> > status = acpi_evaluate_object(device->handle, "_BCL",
> >NULL, &buffer);
> > if (!ACPI_SUCCESS(status))
> > return_VALUE(status);
> > obj = (union acpi_object *)buffer.pointer;
> >- if (!obj && (obj->type != ACPI_TYPE_PACKAGE)) {
> >+ if (obj && (obj->type != ACPI_TYPE_PACKAGE)) {
>
> how about
> + if (!obj || (obj->type != ACPI_TYPE_PACKAGE)) {
>...
Yes, thanks for the correction.
cu
Adrian
<-- snip -->
The Coverity checker spotted this bug in
acpi_video_device_lcd_query_levels().
Signed-off-by: Adrian Bunk <bunk@xxxxxxxxx>
--- linux-2.6.16-rc5-mm3-full/drivers/acpi/video.c.old 2006-03-10 18:04:18.000000000 +0100
+++ linux-2.6.16-rc5-mm3-full/drivers/acpi/video.c 2006-03-10 18:04:33.000000000 +0100
@@ -321,11 +321,11 @@ acpi_video_device_lcd_query_levels(struc
status = acpi_evaluate_object(device->handle, "_BCL", NULL, &buffer);
if (!ACPI_SUCCESS(status))
return_VALUE(status);
obj = (union acpi_object *)buffer.pointer;
- if (!obj && (obj->type != ACPI_TYPE_PACKAGE)) {
+ if (!obj || (obj->type != ACPI_TYPE_PACKAGE)) {
ACPI_ERROR((AE_INFO, "Invalid _BCL data"));
status = -EFAULT;
goto err;
}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/