mtd: pxa3xx_nand: NULL dereference in pxa3xx_nand_probe
Linux-MTD Mailing List
linux-mtd at lists.infradead.org
Thu Jan 6 10:59:05 EST 2011
Gitweb: http://git.infradead.org/?p=mtd-2.6.git;a=commit;h=52d039fdaa78c5a9f9bc2940ad58d7ed76b8336d
Commit: 52d039fdaa78c5a9f9bc2940ad58d7ed76b8336d
Parent: a121f643993474548fe98144514c50dd4f3dbe76
Author: Dan Carpenter <error27 at gmail.com>
AuthorDate: Thu Jan 6 17:05:36 2011 +0300
Committer: David Woodhouse <David.Woodhouse at intel.com>
CommitDate: Thu Jan 6 15:48:59 2011 +0000
mtd: pxa3xx_nand: NULL dereference in pxa3xx_nand_probe
"info->cmdset" gets dereferenced in __readid() so it needs to be
initialized earlier in the function. This bug was introduced in
18c81b1828f8 "mtd: pxa3xx_nand: remove the flash info in driver
structure".
Cc: stable at kernel.org [2.6.37+]
Reported-and-tested-by: Sven Neumann <s.neumann at raumfeld.com>
Signed-off-by: Dan Carpenter <error27 at gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse at intel.com>
---
drivers/mtd/nand/pxa3xx_nand.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/drivers/mtd/nand/pxa3xx_nand.c b/drivers/mtd/nand/pxa3xx_nand.c
index 17f8518..ea2c288 100644
--- a/drivers/mtd/nand/pxa3xx_nand.c
+++ b/drivers/mtd/nand/pxa3xx_nand.c
@@ -885,6 +885,7 @@ static int pxa3xx_nand_detect_config(struct pxa3xx_nand_info *info)
/* set info fields needed to __readid */
info->read_id_bytes = (info->page_size == 2048) ? 4 : 2;
info->reg_ndcr = ndcr;
+ info->cmdset = &default_cmdset;
if (__readid(info, &id))
return -ENODEV;
@@ -915,7 +916,6 @@ static int pxa3xx_nand_detect_config(struct pxa3xx_nand_info *info)
info->ndtr0cs0 = nand_readl(info, NDTR0CS0);
info->ndtr1cs0 = nand_readl(info, NDTR1CS0);
- info->cmdset = &default_cmdset;
return 0;
}
More information about the linux-mtd-cvs
mailing list