From 0fc8f274aef03bbe85774ba30e75deb58e8a90ff Mon Sep 17 00:00:00 2001 From: Julia Lawall Date: Thu, 27 May 2010 18:32:15 +0200 Subject: [PATCH] drivers/platform/x86: Eliminate a NULL pointer dereference Give different error messages if device_enum is NULL or if its type field has the wrong value. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @r exists@ expression E,E1; identifier f; statement S1,S2,S3; @@ if ((E == NULL && ...) || ...) { ... when != if (...) S1 else S2 when != E = E1 * E->f ... when any return ...; } else S3 // Signed-off-by: Julia Lawall Signed-off-by: Matthew Garrett --- drivers/platform/x86/sony-laptop.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/drivers/platform/x86/sony-laptop.c b/drivers/platform/x86/sony-laptop.c index 1387c5f9c24d..a47fd4eef8a3 100644 --- a/drivers/platform/x86/sony-laptop.c +++ b/drivers/platform/x86/sony-laptop.c @@ -1196,9 +1196,13 @@ static void sony_nc_rfkill_setup(struct acpi_device *device) } device_enum = (union acpi_object *) buffer.pointer; - if (!device_enum || device_enum->type != ACPI_TYPE_BUFFER) { - printk(KERN_ERR "Invalid SN06 return object 0x%.2x\n", - device_enum->type); + if (!device_enum) { + pr_err("Invalid SN06 return object\n"); + goto out_no_enum; + } + if (device_enum->type != ACPI_TYPE_BUFFER) { + pr_err("Invalid SN06 return object type 0x%.2x\n", + device_enum->type); goto out_no_enum; }