Hi Mikhail, Mikhail Lobanov m.lobanov@rosalinux.ru writes:
Dereference of null pointer in the __gb_lights_flash_brightness_set function. Assigning the channel the result of executing the get_channel_from_mode function without checking for NULL may result in an error.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 2870b52bae4c ("greybus: lights: add lights implementation") Signed-off-by: Mikhail Lobanov m.lobanov@rosalinux.ru
Are you sending a new version with the changes suggested in this thread? or do you want me to prepare something with your reported-by tag?
Cheers, Rui
drivers/staging/greybus/light.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/drivers/staging/greybus/light.c b/drivers/staging/greybus/light.c index 87d36948c610..929514350947 100644 --- a/drivers/staging/greybus/light.c +++ b/drivers/staging/greybus/light.c @@ -148,10 +148,15 @@ static int __gb_lights_flash_brightness_set(struct gb_channel *channel) GB_CHANNEL_MODE_TORCH); /* For not flash we need to convert brightness to intensity */
- intensity = channel->intensity_uA.min +
- if (channel) {
intensity = channel->intensity_uA.min + (channel->intensity_uA.step * channel->led->brightness);
- return __gb_lights_flash_intensity_set(channel, intensity);
return __gb_lights_flash_intensity_set(channel, intensity);- }
- return 0;
} #else static struct gb_channel *get_channel_from_cdev(struct led_classdev *cdev) -- 2.43.0