From 18c0e843c5f34abe7a93d75cf1fe5191de134634 Mon Sep 17 00:00:00 2001 From: Dhoat Harpal Date: Tue, 20 Jun 2017 21:12:42 +0530 Subject: [PATCH] soc: qcom: glink: Move get reference to valid location In function ch_name_to_ch_ctx_create reference for ctx is taken without checking if ctx is valid. This leads to possible NULL pointer dereference. Take reference only when it is verified that ctx is not NULL. CRs-Fixed: 2059742 Change-Id: I15998780b602e325a90e7c8c303cd442c5381fe8 Signed-off-by: Dhoat Harpal --- drivers/soc/qcom/glink.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/soc/qcom/glink.c b/drivers/soc/qcom/glink.c index f4ffc7df1e9c..a7aad6dcb18a 100644 --- a/drivers/soc/qcom/glink.c +++ b/drivers/soc/qcom/glink.c @@ -1936,13 +1936,13 @@ check_ctx: } ctx->transport_ptr = xprt_ctx; + rwref_get(&ctx->ch_state_lhb2); list_add_tail(&ctx->port_list_node, &xprt_ctx->channels); GLINK_INFO_PERF_CH_XPRT(ctx, xprt_ctx, "%s: local:GLINK_CHANNEL_CLOSED\n", __func__); } - rwref_get(&ctx->ch_state_lhb2); spin_unlock_irqrestore(&xprt_ctx->xprt_ctx_lock_lhb1, flags); rwref_write_put(&xprt_ctx->xprt_state_lhb0); mutex_lock(&xprt_ctx->xprt_dbgfs_lock_lhb4);