diff options
| author | Mathieu Desnoyers <mathieu.desnoyers@efficios.com> | 2011-11-30 22:34:16 +0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2011-12-01 21:37:48 +0400 |
| commit | eeb34e2113576aea782094d1e30f22b445355fe8 (patch) | |
| tree | f9c9955250154f447fb0b094ffa28b109bfb5c42 | |
| parent | e5f7787388da7562b955a36b46e909e500a5974b (diff) | |
| download | linux-eeb34e2113576aea782094d1e30f22b445355fe8.tar.xz | |
lttng lib: ring buffer move null pointer check to open
* Dan Carpenter <dan.carpenter@oracle.com> wrote:
> The patch c844b2f5cfea: "lttng lib: ring buffer" from Nov 28, 2011,
> leads to the following Smatch complaint:
>
> drivers/staging/lttng/lib/ringbuffer/ring_buffer_mmap.c +86
> +lib_ring_buffer_mmap_buf()
> warn: variable dereferenced before check 'buf' (see line 79)
>
> drivers/staging/lttng/lib/ringbuffer/ring_buffer_mmap.c
> 78 unsigned long length = vma->vm_end - vma->vm_start;
> 79 struct channel *chan = buf->backend.chan;
> ^^^^^^^^^^^^^^^^^
> Dereference.
>
> 80 const struct lib_ring_buffer_config *config = chan->backend.config;
> 81 unsigned long mmap_buf_len;
> 82
> 83 if (config->output != RING_BUFFER_MMAP)
> 84 return -EINVAL;
> 85
> 86 if (!buf)
> ^^^^
> Check.
>
> 87 return -EBADF;
> 88
Let's move the NULL buf check to the file "open", where it belongs. The
"open" file operation is the actual interface between lib ring buffer
and the modules using it.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
| -rw-r--r-- | drivers/staging/lttng/lib/ringbuffer/ring_buffer_mmap.c | 3 | ||||
| -rw-r--r-- | drivers/staging/lttng/lib/ringbuffer/ring_buffer_vfs.c | 3 |
2 files changed, 3 insertions, 3 deletions
diff --git a/drivers/staging/lttng/lib/ringbuffer/ring_buffer_mmap.c b/drivers/staging/lttng/lib/ringbuffer/ring_buffer_mmap.c index cf374348d907..c9d6e89a7695 100644 --- a/drivers/staging/lttng/lib/ringbuffer/ring_buffer_mmap.c +++ b/drivers/staging/lttng/lib/ringbuffer/ring_buffer_mmap.c @@ -80,9 +80,6 @@ static int lib_ring_buffer_mmap_buf(struct lib_ring_buffer *buf, if (config->output != RING_BUFFER_MMAP) return -EINVAL; - if (!buf) - return -EBADF; - mmap_buf_len = chan->backend.buf_size; if (chan->backend.extra_reader_sb) mmap_buf_len += chan->backend.subbuf_size; diff --git a/drivers/staging/lttng/lib/ringbuffer/ring_buffer_vfs.c b/drivers/staging/lttng/lib/ringbuffer/ring_buffer_vfs.c index 1708ffd6bc9b..8b783052a5f6 100644 --- a/drivers/staging/lttng/lib/ringbuffer/ring_buffer_vfs.c +++ b/drivers/staging/lttng/lib/ringbuffer/ring_buffer_vfs.c @@ -42,6 +42,9 @@ int lib_ring_buffer_open(struct inode *inode, struct file *file) struct lib_ring_buffer *buf = inode->i_private; int ret; + if (!buf) + return -EINVAL; + ret = lib_ring_buffer_open_read(buf); if (ret) return ret; |