diff options
| author | Mohit Khanna <mkhanna@qca.qualcomm.com> | 2014-05-19 12:35:59 -0700 |
|---|---|---|
| committer | Akash Patel <c_akashp@qca.qualcomm.com> | 2014-05-22 17:30:38 -0700 |
| commit | 2df48ff690a2953a2a98c94dda3f6bc476fdb347 (patch) | |
| tree | d87735e63ad4003cc0d3121e78aa83a13b369ce1 | |
| parent | a77008c3348b2808832213a30a8f4ef83dd89958 (diff) | |
qcacld-new: HIF(SDIO) fix for null pointer dereference of sc
In the sdio probe function hifDeviceInserted, we are trying to attach
register table to "sc" global variable even though its not initialized.
This is causing a null pointer crash. Fixed the issue by
1.Removing the call to attach register table when "sc" is uninitialized.
2.Checking for null pointer in "hif_register_tbl_attach"
CRs-Fixed: 668389
Change-Id: Ia372f89fc9cdb099cc390ddbc1703f415eb2af1d
| -rw-r--r-- | CORE/SERVICES/HIF/sdio/linux/native_sdio/src/hif.c | 35 | ||||
| -rw-r--r-- | CORE/SERVICES/HIF/sdio/regtable.c | 6 |
2 files changed, 7 insertions, 34 deletions
diff --git a/CORE/SERVICES/HIF/sdio/linux/native_sdio/src/hif.c b/CORE/SERVICES/HIF/sdio/linux/native_sdio/src/hif.c index 828a84cd210e..3e1700dd04de 100644 --- a/CORE/SERVICES/HIF/sdio/linux/native_sdio/src/hif.c +++ b/CORE/SERVICES/HIF/sdio/linux/native_sdio/src/hif.c @@ -1130,38 +1130,6 @@ static int enable_task(void *param) return 0; } #endif - -static void hifAssignTargetHeaders(A_UINT16 SDIO_ID) -{ - switch (SDIO_ID) { - case MANUFACTURER_ID_AR6002_BASE: - hif_register_tbl_attach(HIF_TYPE_AR6002); - break; - - case MANUFACTURER_ID_AR6003_BASE: - hif_register_tbl_attach(HIF_TYPE_AR6003); - break; - - case MANUFACTURER_ID_AR6004_BASE: - hif_register_tbl_attach(HIF_TYPE_AR6004); - break; - - case MANUFACTURER_ID_AR6320_BASE: - hif_register_tbl_attach(HIF_TYPE_AR6320); - break; - - case MANUFACTURER_ID_QCA9377_BASE: - /* do nothing here as hif_register_tbl_attach - * will be done later - */ - break; - - default: - A_ASSERT(FALSE); - break; - } -} - static int hifDeviceInserted(struct sdio_func *func, const struct sdio_device_id *id) { int i; @@ -1171,7 +1139,7 @@ static int hifDeviceInserted(struct sdio_func *func, const struct sdio_device_id AR_DEBUG_PRINTF(ATH_DEBUG_TRACE, ("AR6000: hifDeviceInserted, Function: 0x%X, Vendor ID: 0x%X, Device ID: 0x%X, block size: 0x%X/0x%X\n", - func->num, func->vendor, func->device, func->max_blksize, func->cur_blksize)); + func->num, func->vendor, id->device, func->max_blksize, func->cur_blksize)); /* dma_mask should not be NULL, otherwise dma_map_single will crash. TODO: check why dma_mask is NULL here @@ -1200,7 +1168,6 @@ static int hifDeviceInserted(struct sdio_func *func, const struct sdio_device_id if (device==NULL) { addHifDevice(func); device = getHifDevice(func); - hifAssignTargetHeaders(id->device); for (i=0; i<MAX_HIF_DEVICES; ++i) { if (hif_devices[i] == NULL) { diff --git a/CORE/SERVICES/HIF/sdio/regtable.c b/CORE/SERVICES/HIF/sdio/regtable.c index cba90fda5527..34a3f333e9ae 100644 --- a/CORE/SERVICES/HIF/sdio/regtable.c +++ b/CORE/SERVICES/HIF/sdio/regtable.c @@ -61,6 +61,12 @@ void hif_register_tbl_attach(u32 hif_type) { ENTER("hif_type %d", hif_type); + if (NULL == sc) { + VOS_TRACE( VOS_MODULE_ID_HIF, VOS_TRACE_LEVEL_ERROR, "%s: sc is NULL", + __func__); + return; +} + switch (hif_type) { case HIF_TYPE_AR9888: sc->hostdef = &ar9888_hostdef; |