In drivers/isdn/capi/kcapi.c::old_capi_manufacturer(), if the call
to get_capi_ctr_by_nr(ldef.contr); in line 823 returns NULL, then
we'll be dereferencing a NULL pointer in the very next line.
(Found by Coverity checker as bug #402)
Signed-off-by: Jesper Juhl <[EMAIL PROTECTED]>
---
drivers/isdn/capi/kcapi.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/drivers/isdn/capi/kcapi.c b/drivers/isdn/capi/kcapi.c
index 3ed34f7..3f9e962 100644
--- a/drivers/isdn/capi/kcapi.c
+++ b/drivers/isdn/capi/kcapi.c
@@ -821,6 +821,8 @@ static int old_capi_manufacturer(unsigned int cmd, void
__user *data)
return -EFAULT;
}
card = get_capi_ctr_by_nr(ldef.contr);
+ if (!card)
+ return -EINVAL;
card = capi_ctr_get(card);
if (!card)
return -ESRCH;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
