summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArjan van de Ven <arjan@linux.intel.com>2008-10-10 21:16:12 -0700
committerGreg Kroah-Hartman <gregkh@suse.de>2008-10-22 14:21:33 -0700
commitcd9f58efb861a86283931f3db17aa2a4fe4da642 (patch)
treecf025a1cf179005203ce8e6342b2002cb52a8b9b
parent686c714cce06e8804e15daf7ce3d4f80c35c6a69 (diff)
downloadlinux-stable-cd9f58efb861a86283931f3db17aa2a4fe4da642.tar.gz
linux-stable-cd9f58efb861a86283931f3db17aa2a4fe4da642.tar.bz2
linux-stable-cd9f58efb861a86283931f3db17aa2a4fe4da642.zip
security: avoid calling a NULL function pointer in drivers/video/tvaudio.c
commit 5ba2f67afb02c5302b2898949ed6fc3b3d37dcf1 upstream NULL function pointers are very bad security wise. This one got caught by kerneloops.org quite a few times, so it's happening in the field.... Fix is simple, check the function pointer for NULL, like 6 other places in the same function are already doing. Signed-off-by: Arjan van de Ven <arjan@linux.intel.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-rw-r--r--drivers/media/video/tvaudio.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/media/video/tvaudio.c b/drivers/media/video/tvaudio.c
index 463680b13289..b59e47272abf 100644
--- a/drivers/media/video/tvaudio.c
+++ b/drivers/media/video/tvaudio.c
@@ -1792,7 +1792,7 @@ static int chip_command(struct i2c_client *client,
break;
case VIDIOC_S_FREQUENCY:
chip->mode = 0; /* automatic */
- if (desc->checkmode) {
+ if (desc->checkmode && desc->setmode) {
desc->setmode(chip,V4L2_TUNER_MODE_MONO);
if (chip->prevmode != V4L2_TUNER_MODE_MONO)
chip->prevmode = -1; /* reset previous mode */