Fix the problem of dereferencing a NULL pointerandroid-u-qpr3-beta-2_r0.7android-u-qpr3-beta-2_r0.6android-u-qpr3-beta-2_r0.5android-u-qpr3-beta-2_r0.4android-u-qpr3-beta-2_r0.3android-u-qpr3-beta-2_r0.2android-u-qpr3-beta-1_r0.7android-u-qpr3-beta-1_r0.5android-u-qpr3-beta-1_r0.4android-u-qpr3-beta-1_r0.3android-u-qpr3-beta-1_r0.2android-u-qpr3-beta-1_r0.1android-u-qpr2-beta-3_r0.7android-u-qpr2-beta-3_r0.6android-u-qpr2-beta-3_r0.5android-u-qpr2-beta-3_r0.4android-u-qpr2-beta-3_r0.3android-u-qpr2-beta-3_r0.2android-u-qpr2-beta-3.1_r0.7android-u-qpr2-beta-3.1_r0.5android-u-qpr2-beta-3.1_r0.4android-u-qpr2-beta-3.1_r0.3android-u-qpr2-beta-3.1_r0.2android-u-qpr2-beta-3.1_r0.1android-u-qpr2-beta-2_r0.7android-u-qpr2-beta-2_r0.5android-u-qpr2-beta-2_r0.4android-u-qpr2-beta-2_r0.3android-u-qpr2-beta-2_r0.2android-u-qpr2-beta-2_r0.1android-u-qpr2-beta-1_r0.6android-u-qpr2-beta-1_r0.5android-u-qpr2-beta-1_r0.4android-u-qpr2-beta-1_r0.3android-u-qpr2-beta-1_r0.2android-u-qpr2-beta-1_r0.1android-u-qpr1-beta-2_r0.7android-u-qpr1-beta-2_r0.5android-u-qpr1-beta-2_r0.4android-u-qpr1-beta-2_r0.3android-u-qpr1-beta-2_r0.2android-u-qpr1-beta-2_r0.1android-u-qpr1-beta-2.2_r0.6android-u-qpr1-beta-2.2_r0.5android-u-qpr1-beta-2.2_r0.4android-u-qpr1-beta-2.2_r0.3android-u-qpr1-beta-2.2_r0.2android-u-qpr1-beta-2.2_r0.1android-u-qpr1-beta-2.1_r0.7android-u-qpr1-beta-2.1_r0.5android-u-qpr1-beta-2.1_r0.4android-u-qpr1-beta-2.1_r0.3android-u-qpr1-beta-2.1_r0.2android-u-qpr1-beta-2.1_r0.1android-u-qpr1-beta-1_r0.7android-u-qpr1-beta-1_r0.5android-u-qpr1-beta-1_r0.4android-u-qpr1-beta-1_r0.3android-u-qpr1-beta-1_r0.2android-u-qpr1-beta-1_r0.1android-u-preview-2_r0.4android-u-preview-2_r0.3android-u-preview-2_r0.2android-u-preview-1_r0.4android-u-preview-1_r0.3android-u-preview-1_r0.2android-u-beta-5_r0.7android-u-beta-5_r0.5android-u-beta-5_r0.4android-u-beta-5_r0.3android-u-beta-5_r0.2android-u-beta-5_r0.1android-u-beta-5.3_r0.7android-u-beta-5.3_r0.5android-u-beta-5.3_r0.4android-u-beta-5.3_r0.2android-u-beta-5.3_r0.1android-u-beta-5.2_r0.7android-u-beta-5.2_r0.6android-u-beta-5.2_r0.5android-u-beta-5.2_r0.3android-u-beta-5.2_r0.1android-u-beta-4_r0.7android-u-beta-4_r0.5android-u-beta-4_r0.4android-u-beta-4_r0.3android-u-beta-4_r0.2android-u-beta-4_r0.1android-u-beta-3_r0.5android-u-beta-3_r0.4android-u-beta-3_r0.3android-u-beta-3_r0.2android-u-beta-2_r0.4android-u-beta-2_r0.3android-u-beta-2_r0.2android-u-beta-2.1_r0.4android-u-beta-2.1_r0.3android-u-beta-2.1_r0.2android-u-beta-1_r0.5android-u-beta-1_r0.4android-u-beta-1_r0.3android-t-qpr3-beta-3_r0.5android-t-qpr3-beta-3_r0.4android-t-qpr3-beta-3_r0.3android-t-qpr3-beta-3.1_r0.5android-t-qpr3-beta-3.1_r0.4android-t-qpr3-beta-3.1_r0.3android-t-qpr3-beta-2_r0.5android-t-qpr3-beta-2_r0.4android-t-qpr3-beta-2_r0.3android-t-qpr3-beta-1_r0.5android-t-qpr3-beta-1_r0.4android-t-qpr3-beta-1_r0.3android-t-qpr3-beta-1_r0.1android-t-qpr2-beta-3_r0.5android-t-qpr2-beta-3_r0.4android-t-qpr2-beta-3_r0.3android-t-qpr2-beta-3.2_r0.6android-t-qpr2-beta-3.2_r0.5android-t-qpr2-beta-3.2_r0.4android-t-qpr2-beta-2_r0.5android-t-qpr2-beta-2_r0.4android-t-qpr2-beta-2_r0.3android-t-qpr2-beta-1_r0.6android-t-qpr2-beta-1_r0.5android-t-qpr2-beta-1_r0.4android-t-qpr1-beta-3_r0.5android-t-qpr1-beta-3_r0.4android-t-qpr1-beta-3_r0.3android-t-qpr1-beta-3.1_r0.1android-t-qpr1-beta-2_r0.5android-t-qpr1-beta-2_r0.4android-t-qpr1-beta-1_r0.4android-t-qpr1-beta-1_r0.3android-t-preview-2_r0.4android-t-preview-1_r0.4android-t-beta-4_r0.6android-t-beta-4_r0.5android-t-beta-4_r0.4android-t-beta-3_r0.4android-t-beta-3.3_r0.4android-t-beta-3.2_r0.4android-t-beta-2_r0.4android-t-beta-1_r0.4android-15-dp-2_r0.6android-15-dp-2_r0.5android-15-dp-2_r0.3android-15-dp-2_r0.2android-15-dp-2_r0.1android-15-dp-1_r0.7android-15-dp-1_r0.5android-15-dp-1_r0.4android-15-dp-1_r0.3android-15-dp-1_r0.2android-15-dp-1_r0.1android-14.0.0_r0.76android-14.0.0_r0.75android-14.0.0_r0.74android-14.0.0_r0.73android-14.0.0_r0.72android-14.0.0_r0.71android-14.0.0_r0.7android-14.0.0_r0.66android-14.0.0_r0.65android-14.0.0_r0.64android-14.0.0_r0.63android-14.0.0_r0.62android-14.0.0_r0.61android-14.0.0_r0.6android-14.0.0_r0.56android-14.0.0_r0.55android-14.0.0_r0.54android-14.0.0_r0.53android-14.0.0_r0.52android-14.0.0_r0.51android-14.0.0_r0.5android-14.0.0_r0.44android-14.0.0_r0.43android-14.0.0_r0.42android-14.0.0_r0.41android-14.0.0_r0.40android-14.0.0_r0.4android-14.0.0_r0.39android-14.0.0_r0.37android-14.0.0_r0.36android-14.0.0_r0.35android-14.0.0_r0.34android-14.0.0_r0.33android-14.0.0_r0.31android-14.0.0_r0.3android-14.0.0_r0.25android-14.0.0_r0.24android-14.0.0_r0.23android-14.0.0_r0.22android-14.0.0_r0.21android-14.0.0_r0.2android-14.0.0_r0.19android-14.0.0_r0.17android-14.0.0_r0.16android-14.0.0_r0.15android-14.0.0_r0.14android-14.0.0_r0.13android-14.0.0_r0.11android-13.0.0_r0.94android-13.0.0_r0.93android-13.0.0_r0.92android-13.0.0_r0.91android-13.0.0_r0.85android-13.0.0_r0.84android-13.0.0_r0.83android-13.0.0_r0.82android-13.0.0_r0.77android-13.0.0_r0.76android-13.0.0_r0.75android-13.0.0_r0.74android-13.0.0_r0.73android-13.0.0_r0.70android-13.0.0_r0.69android-13.0.0_r0.68android-13.0.0_r0.65android-13.0.0_r0.64android-13.0.0_r0.63android-13.0.0_r0.60android-13.0.0_r0.59android-13.0.0_r0.58android-13.0.0_r0.55android-13.0.0_r0.54android-13.0.0_r0.53android-13.0.0_r0.50android-13.0.0_r0.5android-13.0.0_r0.49android-13.0.0_r0.48android-13.0.0_r0.45android-13.0.0_r0.44android-13.0.0_r0.43android-13.0.0_r0.4android-13.0.0_r0.32android-13.0.0_r0.31android-13.0.0_r0.20android-13.0.0_r0.19android-13.0.0_r0.15android-13.0.0_r0.14android-13.0.0_r0.127android-13.0.0_r0.126android-13.0.0_r0.125android-13.0.0_r0.124android-13.0.0_r0.123android-13.0.0_r0.121android-13.0.0_r0.117android-13.0.0_r0.116android-13.0.0_r0.115android-13.0.0_r0.114android-13.0.0_r0.113android-13.0.0_r0.112android-13.0.0_r0.107android-13.0.0_r0.106android-13.0.0_r0.105android-13.0.0_r0.104android-13.0.0_r0.103android-13.0.0_r0.100main-16k-gs-raviole-5.10android-gs-tangorpro-android14-releaseandroid-gs-tangorpro-5.10-u-qpr1-beta2android-gs-tangorpro-5.10-u-beta5.3android-gs-tangorpro-5.10-u-beta5.2android-gs-tangorpro-5.10-u-beta5android-gs-tangorpro-5.10-u-beta4android-gs-tangorpro-5.10-android14-qpr2-betaandroid-gs-tangorpro-5.10-android14-qpr2android-gs-tangorpro-5.10-android14-qpr1-betaandroid-gs-tangorpro-5.10-android14-qpr1android-gs-tangorpro-5.10-android14android-gs-tangorpro-5.10-android13-qpr3android-gs-tangorpro-5.10-android13-d2android-gs-raviole-android14-releaseandroid-gs-raviole-5.10-u-qpr1-beta2android-gs-raviole-5.10-u-preview-2android-gs-raviole-5.10-u-preview-1android-gs-raviole-5.10-u-beta5.3android-gs-raviole-5.10-u-beta5.2android-gs-raviole-5.10-u-beta5android-gs-raviole-5.10-u-beta4android-gs-raviole-5.10-u-beta3android-gs-raviole-5.10-u-beta2android-gs-raviole-5.10-u-beta1android-gs-raviole-5.10-t-qpr3-beta-3android-gs-raviole-5.10-t-qpr3-beta-2android-gs-raviole-5.10-t-qpr2-beta-3.2android-gs-raviole-5.10-t-qpr2-beta-1android-gs-raviole-5.10-t-qpr1-beta-2android-gs-raviole-5.10-t-preview-2android-gs-raviole-5.10-t-preview-1android-gs-raviole-5.10-t-beta-4android-gs-raviole-5.10-t-beta-3android-gs-raviole-5.10-t-beta-2android-gs-raviole-5.10-t-beta-1android-gs-raviole-5.10-android14-qpr2-betaandroid-gs-raviole-5.10-android14-qpr2android-gs-raviole-5.10-android14-qpr1-betaandroid-gs-raviole-5.10-android14-qpr1android-gs-raviole-5.10-android14android-gs-raviole-5.10-android13-qpr3-beta1android-gs-raviole-5.10-android13-qpr3android-gs-raviole-5.10-android13-qpr2-betaandroid-gs-raviole-5.10-android13-qpr2android-gs-raviole-5.10-android13-qpr1-beta-3android-gs-raviole-5.10-android13-qpr1-betaandroid-gs-raviole-5.10-android13-qpr1android-gs-raviole-5.10-android13android-gs-pantah-android14-releaseandroid-gs-pantah-5.10-u-qpr1-beta2android-gs-pantah-5.10-u-preview-2android-gs-pantah-5.10-u-preview-1android-gs-pantah-5.10-u-beta5.3android-gs-pantah-5.10-u-beta5android-gs-pantah-5.10-u-beta4android-gs-pantah-5.10-u-beta3android-gs-pantah-5.10-u-beta2android-gs-pantah-5.10-u-beta1android-gs-pantah-5.10-t-qpr3-beta-3android-gs-pantah-5.10-t-qpr3-beta-2android-gs-pantah-5.10-t-qpr2-beta-3.2android-gs-pantah-5.10-t-qpr2-beta-1android-gs-pantah-5.10-t-qpr1-beta-3android-gs-pantah-5.10-android14-qpr2-betaandroid-gs-pantah-5.10-android14-qpr2android-gs-pantah-5.10-android14-qpr1-betaandroid-gs-pantah-5.10-android14-qpr1android-gs-pantah-5.10-android14android-gs-pantah-5.10-android13-qpr3-beta1android-gs-pantah-5.10-android13-qpr3android-gs-pantah-5.10-android13-qpr2-betaandroid-gs-pantah-5.10-android13-qpr2android-gs-pantah-5.10-android13-qpr1-beta-3android-gs-pantah-5.10-android13-qpr1android-gs-pantah-5.10-android13-d1android-gs-lynx-android14-releaseandroid-gs-lynx-5.10-u-qpr1-beta2android-gs-lynx-5.10-u-beta5.2android-gs-lynx-5.10-u-beta5android-gs-lynx-5.10-u-beta4android-gs-lynx-5.10-u-beta3android-gs-lynx-5.10-android14-qpr2-betaandroid-gs-lynx-5.10-android14-qpr2android-gs-lynx-5.10-android14-qpr1-betaandroid-gs-lynx-5.10-android14-qpr1android-gs-lynx-5.10-android14android-gs-lynx-5.10-android13-qpr3android-gs-lynx-5.10-android13-qpr2-bandroid-gs-lynx-5.10-android13-d4android-gs-felix-android14-releaseandroid-gs-felix-5.10-u-qpr1-beta2android-gs-felix-5.10-u-beta5.3android-gs-felix-5.10-u-beta5.2android-gs-felix-5.10-u-beta5android-gs-felix-5.10-u-beta4android-gs-felix-5.10-android14-qpr2-betaandroid-gs-felix-5.10-android14-qpr2android-gs-felix-5.10-android14-qpr1-betaandroid-gs-felix-5.10-android14-qpr1android-gs-felix-5.10-android14android-gs-felix-5.10-android13-qpr3-candroid-gs-felix-5.10-android13-qpr3android-gs-felix-5.10-android13-d3android-gs-bluejay-android14-releaseandroid-gs-bluejay-5.10-u-qpr1-beta2android-gs-bluejay-5.10-u-preview-2android-gs-bluejay-5.10-u-preview-1android-gs-bluejay-5.10-u-beta5.3android-gs-bluejay-5.10-u-beta5.2android-gs-bluejay-5.10-u-beta5android-gs-bluejay-5.10-u-beta4android-gs-bluejay-5.10-u-beta3android-gs-bluejay-5.10-u-beta2android-gs-bluejay-5.10-u-beta1android-gs-bluejay-5.10-t-qpr3-beta-3android-gs-bluejay-5.10-t-qpr3-beta-2android-gs-bluejay-5.10-t-qpr2-beta-3android-gs-bluejay-5.10-t-qpr2-beta-1android-gs-bluejay-5.10-t-qpr1-beta-2android-gs-bluejay-5.10-t-beta-4android-gs-bluejay-5.10-android14-qpr2-betaandroid-gs-bluejay-5.10-android14-qpr2android-gs-bluejay-5.10-android14-qpr1-betaandroid-gs-bluejay-5.10-android14-qpr1android-gs-bluejay-5.10-android14android-gs-bluejay-5.10-android13-qpr3-beta1android-gs-bluejay-5.10-android13-qpr3android-gs-bluejay-5.10-android13-qpr2-betaandroid-gs-bluejay-5.10-android13-qpr2android-gs-bluejay-5.10-android13-qpr1-beta-3android-gs-bluejay-5.10-android13-qpr1-betaandroid-gs-bluejay-5.10-android13-qpr1android-gs-bluejay-5.10-android13

The pointer st33spi will be dereferenced after it was positively
checked for NULL, isolate the condition st33spi == NULL and return
errno ENODEV

Bug: 205943658
Bug: 205950808
Bug: 205950761
Test: Manual
Change-Id: I23642ef8a8261de11aa58e5c9ff2e30476062009

1 files changed, 13 insertions, 4 deletions

diff --git a/ese/st33spi.c b/ese/st33spi.c
index 825d186..d72ccbd 100644
--- a/ese/st33spi.c
+++ b/ese/st33spi.c
@@ -287,7 +287,10 @@ static ssize_t st33spi_read(struct file *filp, char __user *buf, size_t count,
 
 	st33spi = filp->private_data;
 
-	if (st33spi == NULL || !st33spi->spi_state) {
+	if (st33spi == NULL)
+		return -ENODEV;
+
+	if (!st33spi->spi_state) {
 		dev_warn(&st33spi->spi->dev, "st33spi: spi is not enabled, abort read process\n");
 		return -EFAULT;
 	}
@@ -326,7 +329,10 @@ static ssize_t st33spi_write(struct file *filp, const char __user *buf,
 
 	st33spi = filp->private_data;
 
-	if (st33spi == NULL || !st33spi->spi_state) {
+	if (st33spi == NULL)
+		return -ENODEV;
+
+	if (!st33spi->spi_state) {
 		dev_warn(&st33spi->spi->dev, "st33spi: spi is not enabled, abort write process\n");
 		return -EFAULT;
 	}
@@ -796,7 +802,7 @@ static long st33spi_compat_ioctl(struct file *filp, unsigned int cmd,
 
 static int st33spi_open(struct inode *inode, struct file *filp)
 {
-	struct st33spi_data *st33spi;
+	struct st33spi_data *st33spi = NULL;
 	int status = -ENXIO;
 
 	mutex_lock(&device_list_lock);
@@ -808,13 +814,16 @@ static int st33spi_open(struct inode *inode, struct file *filp)
 		}
 	}
 
+	if (st33spi == NULL)
+		return -ENODEV;
+
 	if (status) {
 		dev_dbg(&st33spi->spi->dev, "st33spi: nothing for minor %d\n",
 			iminor(inode));
 		goto err_find_dev;
 	}
 
-	if (st33spi == NULL || !st33spi->spi_state) {
+	if (!st33spi->spi_state) {
 		dev_warn(&st33spi->spi->dev,
 				"st33spi: spi is not enabled, abort open process\n");
 		mutex_unlock(&device_list_lock);