Hi Colin, On Tue, Dec 20, 2016 at 10:07:50AM +0000, Colin King wrote: > From: Colin Ian King <[email protected]> > > rmi_dev is currently being dereferenced before it null checked, so we > have a potential null pointer dereference issue with this. Fix this > by dereferencing rmi_dev after a null check has been performed. > > Fixes CoverityScan CID 1391218 ("Dereference before null check")
I'd rather we removed the NULL check instead. As far as I can see it can't even be NULL. > > Signed-off-by: Colin Ian King <[email protected]> > --- > drivers/input/rmi4/rmi_f03.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/input/rmi4/rmi_f03.c b/drivers/input/rmi4/rmi_f03.c > index 8a7ca3e..008f42a 100644 > --- a/drivers/input/rmi4/rmi_f03.c > +++ b/drivers/input/rmi4/rmi_f03.c > @@ -164,7 +164,7 @@ static int rmi_f03_config(struct rmi_function *fn) > static int rmi_f03_attention(struct rmi_function *fn, unsigned long > *irq_bits) > { > struct rmi_device *rmi_dev = fn->rmi_dev; > - struct rmi_driver_data *drvdata = dev_get_drvdata(&rmi_dev->dev); > + struct rmi_driver_data *drvdata; > struct f03_data *f03 = dev_get_drvdata(&fn->dev); > u16 data_addr = fn->fd.data_base_addr; > const u8 ob_len = f03->rx_queue_length * RMI_F03_OB_SIZE; > @@ -178,6 +178,7 @@ static int rmi_f03_attention(struct rmi_function *fn, > unsigned long *irq_bits) > if (!rmi_dev) > return -ENODEV; > > + drvdata = dev_get_drvdata(&rmi_dev->dev); > if (drvdata->attn_data.data) { > /* First grab the data passed by the transport device */ > if (drvdata->attn_data.size < ob_len) { > -- > 2.10.2 > Thanks. -- Dmitry
