[V2 PATCH] usb: mtu3: fix NULL pointer dereference
Felipe Balbi
balbi at kernel.org
Thu Jul 9 02:42:56 EDT 2020
Hi,
Chunfeng Yun <chunfeng.yun at mediatek.com> writes:
>> > @@ -373,8 +380,8 @@ static int mtu3_gadget_dequeue(struct usb_ep *ep, struct usb_request *req)
>> > */
>> > static int mtu3_gadget_ep_set_halt(struct usb_ep *ep, int value)
>> > {
>> > - struct mtu3_ep *mep = to_mtu3_ep(ep);
>> > - struct mtu3 *mtu = mep->mtu;
>> > + struct mtu3_ep *mep;
>> > + struct mtu3 *mtu;
>> > struct mtu3_request *mreq;
>> > unsigned long flags;
>> > int ret = 0;
>> > @@ -382,6 +389,9 @@ static int mtu3_gadget_ep_set_halt(struct usb_ep *ep, int value)
>> > if (!ep)
>> > return -EINVAL;
>>
>> Same here, how can that ever happen?
> Maybe when the class driver has something wrong:)
>
> You mean it's better to remove these unnecessary checks?
if we need those checks, I'd rather have them at a central location,
such as udc/core.c. But, as Greg mentioned, the kernel doesn't call
these with NULL pointers.
--
balbi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/linux-mediatek/attachments/20200709/7e81d1bb/attachment.sig>
More information about the Linux-mediatek
mailing list