On 23/04/17 10:52, Pan Bian wrote:
From: Pan Bian <bianpan2...@163.com>Function pci_ioremap_bar() will return a NULL pointer if there is no enough memory. However, in function apci3xxx_auto_attach(), the return value of function pci_ioremap_bar() is not validated. This may result in NULL dereference in following access to dev->mmio. This patch fixes the bug. Signed-off-by: Pan Bian <bianpan2...@163.com> --- drivers/staging/comedi/drivers/addi_apci_3xxx.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/staging/comedi/drivers/addi_apci_3xxx.c b/drivers/staging/comedi/drivers/addi_apci_3xxx.c index b6af3eb..a07d5bd 100644 --- a/drivers/staging/comedi/drivers/addi_apci_3xxx.c +++ b/drivers/staging/comedi/drivers/addi_apci_3xxx.c @@ -787,6 +787,8 @@ static int apci3xxx_auto_attach(struct comedi_device *dev, dev->iobase = pci_resource_start(pcidev, 2); dev->mmio = pci_ioremap_bar(pcidev, 3); + if (!dev->mmio) + return -ENOMEM; if (pcidev->irq > 0) { ret = request_irq(pcidev->irq, apci3xxx_irq_handler,
Looks good. Thanks for the fix. Reviewed-by: Ian Abbott <abbo...@mev.co.uk> -- -=( Ian Abbott @ MEV Ltd. E-mail: <abbo...@mev.co.uk> )=- -=( Web: http://www.mev.co.uk/ )=-
