mtd: nand: fix pointer NULL pointer dereferencing
Linux-MTD Mailing List
linux-mtd at lists.infradead.org
Fri Mar 11 10:59:04 EST 2011
Gitweb: http://git.infradead.org/?p=mtd-2.6.git;a=commit;h=7912a5e7f37512d8d105785046137435b70347ce
Commit: 7912a5e7f37512d8d105785046137435b70347ce
Parent: 7b7e905ec2ec511e06279181ca95a892db21e292
Author: Stanislav Fomichev <kernel at fomichev.me>
AuthorDate: Mon Feb 7 23:48:25 2011 +0300
Committer: David Woodhouse <David.Woodhouse at intel.com>
CommitDate: Fri Mar 11 14:22:44 2011 +0000
mtd: nand: fix pointer NULL pointer dereferencing
In 'verify_bbt_descr()', first check the "bd" pointer, then
dereference it.
Comments amended by Artem.
Signed-off-by: Stanislav Fomichev <kernel at fomichev.me>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy at nokia.com>
Signed-off-by: David Woodhouse <David.Woodhouse at intel.com>
---
drivers/mtd/nand/nand_bbt.c | 8 ++++++--
1 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/drivers/mtd/nand/nand_bbt.c b/drivers/mtd/nand/nand_bbt.c
index 6ebd869..a1e8b30 100644
--- a/drivers/mtd/nand/nand_bbt.c
+++ b/drivers/mtd/nand/nand_bbt.c
@@ -1101,12 +1101,16 @@ static void mark_bbt_region(struct mtd_info *mtd, struct nand_bbt_descr *td)
static void verify_bbt_descr(struct mtd_info *mtd, struct nand_bbt_descr *bd)
{
struct nand_chip *this = mtd->priv;
- u32 pattern_len = bd->len;
- u32 bits = bd->options & NAND_BBT_NRBITS_MSK;
+ u32 pattern_len;
+ u32 bits;
u32 table_size;
if (!bd)
return;
+
+ pattern_len = bd->len;
+ bits = bd->options & NAND_BBT_NRBITS_MSK;
+
BUG_ON((this->options & NAND_USE_FLASH_BBT_NO_OOB) &&
!(this->options & NAND_USE_FLASH_BBT));
BUG_ON(!bits);
More information about the linux-mtd-cvs
mailing list