Re: [PATCH v2] bus: mhi: core: Fix null pointer access when parsing MHI configuration
From: Manivannan Sadhasivam
Date: Thu Nov 05 2020 - 11:06:08 EST
On Mon, Nov 02, 2020 at 08:27:10PM +0800, carl.yin@xxxxxxxxxxx wrote:
> From: "carl.yin" <carl.yin@xxxxxxxxxxx>
>
> Functions parse_ev_cfg() and parse_ch_cfg() access mhi_cntrl->mhi_dev
> before it is set in function mhi_register_controller(),
> use cntrl_dev instead of mhi_dev.
>
> Fixes: 0cbf260820fa ("bus: mhi: core: Add support for registering MHI controllers")
> Signed-off-by: carl.yin <carl.yin@xxxxxxxxxxx>
> Reviewed-by: Bhaumik Bhatt <bbhatt@xxxxxxxxxxxxxx>
Reviewed-by: Manivannan Sadhasivam <manivannan.sadhasivam@xxxxxxxxxx>
Nit: Your name in the Signed-off-by tag should be in a proper format
like "Carl Yin". I'll fix it up while applying. But please fix it in
future patches.
Thanks,
Mani
> ---
> drivers/bus/mhi/core/init.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/bus/mhi/core/init.c b/drivers/bus/mhi/core/init.c
> index 0ffdebd..c6b43e9 100644
> --- a/drivers/bus/mhi/core/init.c
> +++ b/drivers/bus/mhi/core/init.c
> @@ -610,7 +610,7 @@ static int parse_ev_cfg(struct mhi_controller *mhi_cntrl,
> {
> struct mhi_event *mhi_event;
> const struct mhi_event_config *event_cfg;
> - struct device *dev = &mhi_cntrl->mhi_dev->dev;
> + struct device *dev = mhi_cntrl->cntrl_dev;
> int i, num;
>
> num = config->num_events;
> @@ -692,7 +692,7 @@ static int parse_ch_cfg(struct mhi_controller *mhi_cntrl,
> const struct mhi_controller_config *config)
> {
> const struct mhi_channel_config *ch_cfg;
> - struct device *dev = &mhi_cntrl->mhi_dev->dev;
> + struct device *dev = mhi_cntrl->cntrl_dev;
> int i;
> u32 chan;
>
> --
> 2.25.1
>