On Sun, 29 Jul 2007, Domen Puncer wrote:
> On 29/07/07 00:02 +0200, Jesper Juhl wrote: > > Hi, > > > > Here's a small patch, prompted by a find by the Coverity checker, > > that removes a potential NULL pointer dereference from > > drivers/net/sb1000.c::sb1000_dev_ioctl(). > > The checker spotted that we do a NULL test of 'dev', yet we > > dereference the pointer prior to that check. > > This patch simply moves the dereference after the NULL test. > > But... it can't be called without a valid 'dev', no? > A quick 'grep do_ioctl net/' confirms that all calls are in > the form of 'dev->do_ioctl(dev, ...'. Yup, I think so too ... > > @@ -991,11 +991,13 @@ static int sb1000_dev_ioctl(struct net_device *dev, > > struct ifreq *ifr, int cmd) > > short PID[4]; > > int ioaddr[2], status, frequency; > > unsigned int stats[5]; > > - struct sb1000_private *lp = netdev_priv(dev); > > + struct sb1000_private *lp; > > > > if (!(dev && dev->flags & IFF_UP)) > > return -ENODEV; I think we could get rid of the !dev check itself. Actually, the IFF_UP check /also/ looks suspect to me for two reasons: (1) I remember Stephen Hemminger once telling me dev->flags is legacy and unsafe, and one of the netif_xxx() functions be used instead, and, (2) I wonder if we really require the interface to be up and *running* when we do this ioctl. Satyam - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
