[PATCH] mtd: Fix check in mtd_unpoint()

Boris Brezillon boris.brezillon at free-electrons.com
Sun Jun 25 11:22:57 PDT 2017


The code checks that ->_point is not NULL, but we should actually check
->_unpoint value which is dereferenced a few lines after the check.

Signed-off-by: Boris Brezillon <boris.brezillon at free-electrons.com>
---
Found while checking that nobody except the core was directly calling
->_xxx().
Note that I didn't add a Fixes tag because it's hard to tell when
mtd_point() was introduced (code has been moved from mtd.h to mtdcore.c
in commit 8273a0c911d8 "mtd: add offset and length checks to the API
function"), and all drivers implementing ->_point() also implement
->_unpoint (the only exception being drivers/mtd/maps/uclinux.c).
---
 drivers/mtd/mtdcore.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/mtd/mtdcore.c b/drivers/mtd/mtdcore.c
index e214af82b9be..e02ccdbdcdf1 100644
--- a/drivers/mtd/mtdcore.c
+++ b/drivers/mtd/mtdcore.c
@@ -991,7 +991,7 @@ EXPORT_SYMBOL_GPL(mtd_point);
 /* We probably shouldn't allow XIP if the unpoint isn't a NULL */
 int mtd_unpoint(struct mtd_info *mtd, loff_t from, size_t len)
 {
-	if (!mtd->_point)
+	if (!mtd->_unpoint)
 		return -EOPNOTSUPP;
 	if (from < 0 || from >= mtd->size || len > mtd->size - from)
 		return -EINVAL;
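Review bot: the comment directly above mtd_unpoint() ("We probably shouldn't allow XIP if the unpoint isn't a NULL") now sits on top of a check that returns -EOPNOTSUPP precisely when ->_unpoint is NULL, and its wording reads as the opposite condition; please reword or drop it in this patch so the comment and the check agree. Separately, the notes mention one driver (drivers/mtd/maps/uclinux.c) that implements ->_point() without ->_unpoint: with this change a caller on such a device gets a successful mtd_point() followed by -EOPNOTSUPP from mtd_unpoint(), instead of a call through a NULL pointer. That is the right fix for the dereference, but the commit message should say whether that asymmetric result is intended, or whether mtd_point() should also refuse devices that lack ->_unpoint.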
-- 
2.11.0



