I'm working on some new Smatch stuff and I hit the following problem
which I don't know how to fix.

drivers/usb/gadget/composite.c:1156 composite_setup()
         warn: calling potential NULL 'f->set_alt()'

drivers/usb/gadget/composite.c
  1143          /* function drivers must handle get/set altsetting; if there's
  1144           * no get() method, we know only altsetting zero works.

The comment says we should check ->get.

  1145           */
  1146          case USB_REQ_SET_INTERFACE:
  1147                  if (ctrl->bRequestType != USB_RECIP_INTERFACE)
  1148                          goto unknown;
  1149                  if (!cdev->config || intf >= MAX_CONFIG_INTERFACES)
  1150                          break;
  1151                  f = cdev->config->interface[intf];
  1152                  if (!f)
  1153                          break;
  1154                  if (w_value && !f->set_alt)
                                        ^^^^^^^^^^
We used to check ->get_alt() until dd4dff8b03 "USB: composite: Fix bug:
should test set_alt function pointer before use it".

  1155                          break;
  1156                  value = f->set_alt(f, w_index, w_value);

If "w_value" is zero then ->set_alt() can be NULL leading to a NULL
dereference.

  1157                  if (value == USB_GADGET_DELAYED_STATUS) {
  1158                          DBG(cdev,
  1159                           "%s: interface %d (%s) requested delayed 
status\n",
  1160                                          __func__, intf, f->name);
  1161                          cdev->delayed_status++;
  1162                          DBG(cdev, "delayed_status count %d\n",
  1163                                          cdev->delayed_status);
  1164                  }
  1165                  break;

regards,
dan carpenter

--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to