]> www.infradead.org Git - users/willy/linux.git/commitdiff
ACPICA: Avoid null pointer dereference on Op.
authorColin Ian King <colin.king@canonical.com>
Fri, 17 Nov 2017 23:40:17 +0000 (15:40 -0800)
committerRafael J. Wysocki <rafael.j.wysocki@intel.com>
Mon, 27 Nov 2017 00:20:28 +0000 (01:20 +0100)
ACPICA commit 08a00639b0d6756e8ba1421419fc3728904651d9

The calls to acpi_os_acquire_object can result in a null being assigned
to Op (for example if a mutex acquire fails) which can lead to a
null pointer dereference on Op on the call to ASL_CV_TRANSFER_COMMENTS
(via function cv_transfer_comments). Move the block into the previous
block that checks for a null Op so that we never can call
cv_transfer_comments with a null Op.

Detected by: coverity_scan CID#1371660 ("Dereference after null check")

Link: https://github.com/acpica/acpica/commit/08a00639
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Bob Moore <robert.moore@intel.com>
Signed-off-by: Erik Schmauss <erik.schmauss@intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
drivers/acpi/acpica/psutils.c

index 02642760cb93128f77af1e05cc2db489fe0101bd..e15b636b1d4ba87d20449d4d1ddcc3977ff44b96 100644 (file)
@@ -158,10 +158,10 @@ union acpi_parse_object *acpi_ps_alloc_op(u16 opcode, u8 *aml)
                if (opcode == AML_SCOPE_OP) {
                        acpi_gbl_current_scope = op;
                }
-       }
 
-       if (gbl_capture_comments) {
-               ASL_CV_TRANSFER_COMMENTS(op);
+               if (gbl_capture_comments) {
+                       ASL_CV_TRANSFER_COMMENTS(op);
+               }
        }
 
        return (op);