diff options
author | Zheyu Ma <zheyuma97@gmail.com> | 2022-04-10 19:48:14 +0800 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2022-06-14 16:59:36 +0200 |
commit | ba08cbc5b53e151d0acf1930fb526fc65b7f3e65 (patch) | |
tree | 3e019cab0111212b968448045a092a655b11dd0f /drivers | |
parent | f00863b470c9f15f3c7cf9c361d608af74691cd2 (diff) | |
download | linux-stable-ba08cbc5b53e151d0acf1930fb526fc65b7f3e65.tar.gz linux-stable-ba08cbc5b53e151d0acf1930fb526fc65b7f3e65.tar.bz2 linux-stable-ba08cbc5b53e151d0acf1930fb526fc65b7f3e65.zip |
tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
[ Upstream commit 689ca31c542687709ba21ec2195c1fbce34fd029 ]
When the driver fails at alloc_hdlcdev(), and then we remove the driver
module, we will get the following splat:
[ 25.065966] general protection fault, probably for non-canonical address 0xdffffc0000000182: 0000 [#1] PREEMPT SMP KASAN PTI
[ 25.066914] KASAN: null-ptr-deref in range [0x0000000000000c10-0x0000000000000c17]
[ 25.069262] RIP: 0010:detach_hdlc_protocol+0x2a/0x3e0
[ 25.077709] Call Trace:
[ 25.077924] <TASK>
[ 25.078108] unregister_hdlc_device+0x16/0x30
[ 25.078481] slgt_cleanup+0x157/0x9f0 [synclink_gt]
Fix this by checking whether the 'info->netdev' is a null pointer first.
Reviewed-by: Jiri Slaby <jirislaby@kernel.org>
Signed-off-by: Zheyu Ma <zheyuma97@gmail.com>
Link: https://lore.kernel.org/r/20220410114814.3920474-1-zheyuma97@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'drivers')
-rw-r--r-- | drivers/tty/synclink_gt.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/drivers/tty/synclink_gt.c b/drivers/tty/synclink_gt.c index afe34beec720..11c62fcd67f2 100644 --- a/drivers/tty/synclink_gt.c +++ b/drivers/tty/synclink_gt.c @@ -1753,6 +1753,8 @@ static int hdlcdev_init(struct slgt_info *info) */ static void hdlcdev_exit(struct slgt_info *info) { + if (!info->netdev) + return; unregister_hdlc_device(info->netdev); free_netdev(info->netdev); info->netdev = NULL; |