Re: [PATCH v3 3/9] brcmfmac: firmware: Do not crash on a NULL board_type

From: Andy Shevchenko
Date: Wed Jan 19 2022 - 16:47:47 EST


On Mon, Jan 17, 2022 at 4:30 PM Hector Martin <marcan@xxxxxxxxx> wrote:
>
> This unbreaks support for USB devices, which do not have a board_type
> to create an alt_path out of and thus were running into a NULL
> dereference.

In v5.16 we have two call sites:

1.
if (cur->type == BRCMF_FW_TYPE_NVRAM && fwctx->req->board_type) {
...
alt_path = brcm_alt_fw_path(cur->path, fwctx->req->board_type);

2.
alt_path = brcm_alt_fw_path(first->path, fwctx->req->board_type);
if (alt_path) {
...

Looking at them I would rather expect to see (as a quick fix, the
better solution is to unify those call sites by splitting out a common
helper):

if (fwctx->req->board_type) {
alt_path = brcm_alt_fw_path(first->path, fwctx->req->board_type);
else
alt_path = NULL;
...


> @@ -599,6 +599,9 @@ static char *brcm_alt_fw_path(const char *path, const char *board_type)
> char alt_path[BRCMF_FW_NAME_LEN];
> char suffix[5];
>
> + if (!board_type)
> + return NULL;


--
With Best Regards,
Andy Shevchenko