From patchwork Sat Jul 25 16:01:18 2009 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bartlomiej Zolnierkiewicz X-Patchwork-Id: 37340 Received: from vger.kernel.org (vger.kernel.org [209.132.176.167]) by demeter.kernel.org (8.14.2/8.14.2) with ESMTP id n6PG4SBC019400 for ; Sat, 25 Jul 2009 16:04:28 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751299AbZGYQEM (ORCPT ); Sat, 25 Jul 2009 12:04:12 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1751686AbZGYQEM (ORCPT ); Sat, 25 Jul 2009 12:04:12 -0400 Received: from mail-bw0-f228.google.com ([209.85.218.228]:36348 "EHLO mail-bw0-f228.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751299AbZGYQEL convert rfc822-to-8bit (ORCPT ); Sat, 25 Jul 2009 12:04:11 -0400 Received: by bwz28 with SMTP id 28so1898054bwz.37 for ; Sat, 25 Jul 2009 09:04:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date :user-agent:cc:mime-version:content-disposition:message-id :content-type:content-transfer-encoding; bh=TJHUP2O0Ie0NdNCI6+w2bEesD5aeCeL7LcEJE8d4ju4=; b=ac/0SdRHjr1s+BsG18N6KCoTFI9C88GRJGLXcoAez+AOP2lbQsFg/rNP6YmzVZKSts isczpBqZzOB0FnruXS7YogxzIOMiLiK+SNmdZre9QRb/7frLMH4qIM7Z8eOWMPbT9s3f 4H2cq0Xn/bWlGHwXlv9pki1nutbncykb45e8w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:user-agent:cc:mime-version:content-disposition :message-id:content-type:content-transfer-encoding; b=uoI/P2mhM9qzksuT3CR3MZUEDlz8bPjyfio2qMfHjAvtlvGn4Q51QmS2SOsSwyB9/O jicU96DKPIp23sCEWRS6Y5HJiP7dYol/k5cyAIma1/A2GzksavDQfYv/2mT7eY2opPxl QgwpCkz1es1EE5K3cNCY9WkA1TJnZMpTKv6G8= Received: by 10.103.224.8 with SMTP id b8mr2397473mur.118.1248537849293; Sat, 25 Jul 2009 09:04:09 -0700 (PDT) Received: from localhost.localdomain (chello089077034197.chello.pl [89.77.34.197]) by mx.google.com with ESMTPS id b9sm18823681mug.9.2009.07.25.09.04.08 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sat, 25 Jul 2009 09:04:08 -0700 (PDT) From: Bartlomiej Zolnierkiewicz To: Len Brown Subject: [PATCH] acpi: fix NULL pointer dereference in acpi_ex_release_mutex() Date: Sat, 25 Jul 2009 18:01:18 +0200 User-Agent: KMail/1.11.4 (Linux/2.6.31-rc4-next-20090723-04314-g011b7b2-dirty; KDE/4.2.4; i686; ; ) Cc: linux-kernel@vger.kernel.org, linux-acpi@vger.kernel.org, Dan Carpenter , corbet@lwn.net, eteo@redhat.com MIME-Version: 1.0 Content-Disposition: inline Message-Id: <200907251801.19482.bzolnier@gmail.com> Sender: linux-acpi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-acpi@vger.kernel.org From: Bartlomiej Zolnierkiewicz Subject: [PATCH] acpi: fix NULL pointer dereference in acpi_ex_release_mutex() From Dan's list: drivers/acpi/acpica/exmutex.c +397 acpi_ex_release_mutex(40) warning: variable derefenced before check 'walk_state->thread' Reorder the code to make it check for walk_state->thread existence before accessing walk_state->thread->thread_id and fix the comment while at it. Reported-by: Dan Carpenter Cc: corbet@lwn.net Cc: eteo@redhat.com Signed-off-by: Bartlomiej Zolnierkiewicz --- 2.6.31 material drivers/acpi/acpica/exmutex.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe linux-acpi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Index: b/drivers/acpi/acpica/exmutex.c =================================================================== --- a/drivers/acpi/acpica/exmutex.c +++ b/drivers/acpi/acpica/exmutex.c @@ -375,6 +375,14 @@ acpi_ex_release_mutex(union acpi_operand return_ACPI_STATUS(AE_AML_MUTEX_NOT_ACQUIRED); } + /* must have a valid thread */ + if (!walk_state->thread) { + ACPI_ERROR((AE_INFO, + "Cannot release Mutex [%4.4s], null thread info", + acpi_ut_get_node_name(obj_desc->mutex.node))); + return_ACPI_STATUS(AE_AML_INTERNAL); + } + /* * The Mutex is owned, but this thread must be the owner. * Special case for Global Lock, any thread can release @@ -392,15 +400,6 @@ acpi_ex_release_mutex(union acpi_operand return_ACPI_STATUS(AE_AML_NOT_OWNER); } - /* Must have a valid thread ID */ - - if (!walk_state->thread) { - ACPI_ERROR((AE_INFO, - "Cannot release Mutex [%4.4s], null thread info", - acpi_ut_get_node_name(obj_desc->mutex.node))); - return_ACPI_STATUS(AE_AML_INTERNAL); - } - /* * The sync level of the mutex must be equal to the current sync level. In * other words, the current level means that at least one mutex at that