From 6554f41fcbd042a14984861a14e65f7199057ce2 Mon Sep 17 00:00:00 2001
From: Manoj Prabhu B <bmanoj@codeaurora.org>
Date: Thu, 1 Jun 2017 14:44:16 +0530
Subject: diag: dci: Add NULL pointer checks for dci buffers

The patch initializes dci peripheral buffers to NULL
to prevent access before allocation by validating buffer status.

CRs-Fixed: 2048635
Change-Id: I9be46e751da81cbbbae4fe0333c23101fdbf79ed
Signed-off-by: Manoj Prabhu B <bmanoj@codeaurora.org>
---
 drivers/char/diag/diag_dci.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/drivers/char/diag/diag_dci.c b/drivers/char/diag/diag_dci.c
index fb45af9c49d3..196e87b61705 100644
--- a/drivers/char/diag/diag_dci.c
+++ b/drivers/char/diag/diag_dci.c
@@ -2910,6 +2910,8 @@ int diag_dci_register_client(struct diag_dci_reg_tbl_t *reg_entry)
 		new_entry->num_buffers = 1;
 		break;
 	}
+
+	new_entry->buffers = NULL;
 	new_entry->real_time = MODE_REALTIME;
 	new_entry->in_service = 0;
 	INIT_LIST_HEAD(&new_entry->list_write_buf);
@@ -2983,7 +2985,8 @@ int diag_dci_register_client(struct diag_dci_reg_tbl_t *reg_entry)
 
 fail_alloc:
 	if (new_entry) {
-		for (i = 0; i < new_entry->num_buffers; i++) {
+		for (i = 0; ((i < new_entry->num_buffers) &&
+			new_entry->buffers); i++) {
 			proc_buf = &new_entry->buffers[i];
 			if (proc_buf) {
 				mutex_destroy(&proc_buf->health_mutex);
-- 
cgit v1.2.3