Gitiles
Code Review Sign In
review.evervolv.com / android_kernel_htc_msm8960 / a73ed097420c53451e843ae61d9aadc8fefabc94^! / . / drivers / base / genlock.c
commita73ed097420c53451e843ae61d9aadc8fefabc94[log] [tgz]
authorJordan Crouse <jcrouse@codeaurora.org>Tue Jan 24 15:40:22 2012 -0700
committerJordan Crouse <jcrouse@codeaurora.org>Fri Jan 27 08:16:34 2012 -0700
tree2de85ca58404f0eb5b977858b7132e149e18122f
parent1484f46cd13597ba4522538376cbf4d514ea977f [diff] [blame]
base: genlock: Check for instances where handle is NULL

Check for the possibility of NULL handles passed into the
in-kernel API functions and return error where appropriate.
There is a non-zero chance that the private_data will be
cleared while the FD is still active, so check in the ioctl()
function as well.

CRs-fixed: 332835
Change-Id: Ic0dedbada2713080fef79ca188a87c578bec6d2f
Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org>

diff --git a/drivers/base/genlock.c b/drivers/base/genlock.c
index 7e25684..27717e0 100644
--- a/drivers/base/genlock.c
+++ b/drivers/base/genlock.c

@@ -1,4 +1,4 @@
-/* Copyright (c) 2011, Code Aurora Forum. All rights reserved.
+/* Copyright (c) 2011-2012, Code Aurora Forum. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 and
@@ -110,6 +110,11 @@
 {
 	struct genlock *lock;
 
+	if (IS_ERR_OR_NULL(handle)) {
+		GENLOCK_LOG_ERR("Invalid handle\n");
+		return ERR_PTR(-EINVAL);
+	}
+
 	if (handle->lock != NULL) {
 		GENLOCK_LOG_ERR("Handle already has a lock attached\n");
 		return ERR_PTR(-EINVAL);
@@ -177,6 +182,11 @@
 	struct file *file;
 	struct genlock *lock;
 
+	if (IS_ERR_OR_NULL(handle)) {
+		GENLOCK_LOG_ERR("Invalid handle\n");
+		return ERR_PTR(-EINVAL);
+	}
+
 	if (handle->lock != NULL) {
 		GENLOCK_LOG_ERR("Handle already has a lock attached\n");
 		return ERR_PTR(-EINVAL);
@@ -392,9 +402,17 @@
 int genlock_lock(struct genlock_handle *handle, int op, int flags,
 	uint32_t timeout)
 {
-	struct genlock *lock = handle->lock;
+	struct genlock *lock;
+
 	int ret = 0;
 
+	if (IS_ERR_OR_NULL(handle)) {
+		GENLOCK_LOG_ERR("Invalid handle\n");
+		return -EINVAL;
+	}
+
+	lock = handle->lock;
+
 	if (lock == NULL) {
 		GENLOCK_LOG_ERR("Handle does not have a lock attached\n");
 		return -EINVAL;
@@ -426,11 +444,18 @@
 
 int genlock_wait(struct genlock_handle *handle, uint32_t timeout)
 {
-	struct genlock *lock = handle->lock;
+	struct genlock *lock;
 	unsigned long irqflags;
 	int ret = 0;
 	unsigned int ticks = msecs_to_jiffies(timeout);
 
+	if (IS_ERR_OR_NULL(handle)) {
+		GENLOCK_LOG_ERR("Invalid handle\n");
+		return -EINVAL;
+	}
+
+	lock = handle->lock;
+
 	if (lock == NULL) {
 		GENLOCK_LOG_ERR("Handle does not have a lock attached\n");
 		return -EINVAL;
@@ -589,6 +614,9 @@
 	struct genlock *lock;
 	int ret;
 
+	if (IS_ERR_OR_NULL(handle))
+		return -EINVAL;
+
 	switch (cmd) {
 	case GENLOCK_IOC_NEW: {
 		lock = genlock_create_lock(handle);