drivers/platform/x86: Eliminate a NULL pointer dereference
authorJulia Lawall <julia@diku.dk>
Thu, 27 May 2010 16:32:15 +0000 (18:32 +0200)
committerMatthew Garrett <mjg@redhat.com>
Tue, 3 Aug 2010 13:48:44 +0000 (09:48 -0400)
Give different error messages if device_enum is NULL or if its type field
has the wrong value.

A simplified version of the semantic match that finds this problem is as
follows: (http://coccinelle.lip6.fr/)

// <smpl>
@r exists@
expression E,E1;
identifier f;
statement S1,S2,S3;
@@

if ((E == NULL && ...) || ...)
{
  ... when != if (...) S1 else S2
      when != E = E1
* E->f
  ... when any
  return ...;
}
else S3
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Matthew Garrett <mjg@redhat.com>
drivers/platform/x86/sony-laptop.c

index 1387c5f9c24d926aef958528cc031a5478475e1f..a47fd4eef8a30907fe3a5909d67ecd59b248dee2 100644 (file)
@@ -1196,9 +1196,13 @@ static void sony_nc_rfkill_setup(struct acpi_device *device)
        }
 
        device_enum = (union acpi_object *) buffer.pointer;
-       if (!device_enum || device_enum->type != ACPI_TYPE_BUFFER) {
-               printk(KERN_ERR "Invalid SN06 return object 0x%.2x\n",
-                               device_enum->type);
+       if (!device_enum) {
+               pr_err("Invalid SN06 return object\n");
+               goto out_no_enum;
+       }
+       if (device_enum->type != ACPI_TYPE_BUFFER) {
+               pr_err("Invalid SN06 return object type 0x%.2x\n",
+                      device_enum->type);
                goto out_no_enum;
        }