aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJulia Lawall <julia@diku.dk>2008-05-12 09:38:26 -0400
committerJeff Garzik <jgarzik@redhat.com>2008-05-22 06:26:28 -0400
commit4ecc8c066f3cecb55807644a01435084d8ed638a (patch)
tree168e13ed10241f868ee52d07d0a9731a5e2a2e54
parent0b5923cd477674755dde670ba804649523f27c97 (diff)
drivers/net/fs_enet: remove null pointer dereference
The following code appears in the function fs_init_instance in the file drivers/net/fs_enet/fs_enet-main.c. if (fep->ops == NULL) { printk(KERN_ERR DRV_MODULE_NAME ": %s No matching ops found (%d).\n", ndev->name, fpi->fs_no); err = -EINVAL; goto err; } This code implies that at the point of err, fep->ops can be NULL, so an extra test is needed before dereferencing this value. This problem was found using the following semantic match (http://www.emn.fr/x-info/coccinelle/) // <smpl> @@ expression E, E1; identifier f; statement S1,S2,S3; @@ * if (E == NULL) { ... when != if (E == NULL) S1 else S2 when != E = E1 * E->f ... when any return ...; } else S3 // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-rw-r--r--drivers/net/fs_enet/fs_enet-main.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/net/fs_enet/fs_enet-main.c b/drivers/net/fs_enet/fs_enet-main.c
index 67b4b0728fce..a5baaf59ff66 100644
--- a/drivers/net/fs_enet/fs_enet-main.c
+++ b/drivers/net/fs_enet/fs_enet-main.c
@@ -1093,7 +1093,7 @@ err:
1093 if (registered) 1093 if (registered)
1094 unregister_netdev(ndev); 1094 unregister_netdev(ndev);
1095 1095
1096 if (fep != NULL) { 1096 if (fep && fep->ops) {
1097 (*fep->ops->free_bd)(ndev); 1097 (*fep->ops->free_bd)(ndev);
1098 (*fep->ops->cleanup_data)(ndev); 1098 (*fep->ops->cleanup_data)(ndev);
1099 } 1099 }