Commit 2e7682eb authored by YueHaibing's avatar YueHaibing Committed by Mauro Carvalho Chehab
Browse files

media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame 



'vb' null check should be done before dereferencing it in
tw5864_handle_frame, otherwise a NULL pointer dereference
may occur.

Fixes: 34d1324e ("[media] pci: Add tw5864 driver")

Signed-off-by: default avatarYueHaibing <yuehaibing@huawei.com>
Signed-off-by: default avatarHans Verkuil <hverkuil-cisco@xs4all.nl>
Signed-off-by: default avatarMauro Carvalho Chehab <mchehab+samsung@kernel.org>
parent f8ee34c3

drivers/media/pci/tw5864/tw5864-video.c

+2 −2
Original line number Original line Diff line number Diff line
@@ -1395,13 +1395,13 @@ static void tw5864_handle_frame(struct tw5864_h264_frame *frame) 
	input->vb = NULL;

	input->vb = NULL;

	spin_unlock_irqrestore(&input->slock, flags);

	spin_unlock_irqrestore(&input->slock, flags);





	v4l2_buf = to_vb2_v4l2_buffer(&vb->vb.vb2_buf);



	if (!vb) { /* Gone because of disabling */

	if (!vb) { /* Gone because of disabling */

		dev_dbg(&dev->pci->dev, "vb is empty, dropping frame\n");

		dev_dbg(&dev->pci->dev, "vb is empty, dropping frame\n");

		return;

		return;

	}

	}





	v4l2_buf = to_vb2_v4l2_buffer(&vb->vb.vb2_buf);



	/*

	/*

	 * Check for space.

	 * Check for space.

	 * Mind the overhead of startcode emulation prevention.

	 * Mind the overhead of startcode emulation prevention.