diag: dci: Add NULL pointer checks for dci buffers

The patch initializes dci peripheral buffers to NULL to prevent access before allocation by validating buffer status. CRs-Fixed: 2048635 Change-Id: I9be46e751da81cbbbae4fe0333c23101fdbf79ed Signed-off-by: Manoj Prabhu B <bmanoj@codeaurora.org>
author: Manoj Prabhu B <bmanoj@codeaurora.org> 2017-06-01 14:44:16 +0530
committer: Gerrit - the friendly Code Review server <code-review@localhost> 2017-07-17 03:10:49 -0700
commit: 6554f41fcbd042a14984861a14e65f7199057ce2 (patch)
tree: ea3abc822cec5f58fd815cf3969ade6682cd1d5f
parent: 0530e3fe605fe7346495ba0cf467051f64169af2 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/drivers/char/diag/diag_dci.c b/drivers/char/diag/diag_dci.c
index fb45af9c49d3..196e87b61705 100644
--- a/drivers/char/diag/diag_dci.c
+++ b/drivers/char/diag/diag_dci.c
@@ -2910,6 +2910,8 @@ int diag_dci_register_client(struct diag_dci_reg_tbl_t *reg_entry)
 		new_entry->num_buffers = 1;
 		break;
 	}
+
+	new_entry->buffers = NULL;
 	new_entry->real_time = MODE_REALTIME;
 	new_entry->in_service = 0;
 	INIT_LIST_HEAD(&new_entry->list_write_buf);
@@ -2983,7 +2985,8 @@ int diag_dci_register_client(struct diag_dci_reg_tbl_t *reg_entry)
 
 fail_alloc:
 	if (new_entry) {
-		for (i = 0; i < new_entry->num_buffers; i++) {
+		for (i = 0; ((i < new_entry->num_buffers) &&
+			new_entry->buffers); i++) {
 			proc_buf = &new_entry->buffers[i];
 			if (proc_buf) {
 				mutex_destroy(&proc_buf->health_mutex);
author	Manoj Prabhu B <bmanoj@codeaurora.org>	2017-06-01 14:44:16 +0530
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2017-07-17 03:10:49 -0700
commit	6554f41fcbd042a14984861a14e65f7199057ce2 (patch)
tree	ea3abc822cec5f58fd815cf3969ade6682cd1d5f
parent	0530e3fe605fe7346495ba0cf467051f64169af2 (diff)