| From 5ba2f67afb02c5302b2898949ed6fc3b3d37dcf1 Mon Sep 17 00:00:00 2001 |
| From: Arjan van de Ven <arjan@linux.intel.com> |
| Date: Fri, 10 Oct 2008 21:16:12 -0700 |
| Subject: security: avoid calling a NULL function pointer in drivers/video/tvaudio.c |
| |
| From: Arjan van de Ven <arjan@linux.intel.com> |
| |
| commit 5ba2f67afb02c5302b2898949ed6fc3b3d37dcf1 upstream |
| |
| NULL function pointers are very bad security wise. This one got caught by |
| kerneloops.org quite a few times, so it's happening in the field.... |
| |
| Fix is simple, check the function pointer for NULL, like 6 other places |
| in the same function are already doing. |
| |
| Signed-off-by: Arjan van de Ven <arjan@linux.intel.com> |
| Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> |
| |
| --- |
| drivers/media/video/tvaudio.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/drivers/media/video/tvaudio.c |
| +++ b/drivers/media/video/tvaudio.c |
| @@ -1805,7 +1805,7 @@ static int chip_command(struct i2c_clien |
| break; |
| case VIDIOC_S_FREQUENCY: |
| chip->mode = 0; /* automatic */ |
| - if (desc->checkmode) { |
| + if (desc->checkmode && desc->setmode) { |
| desc->setmode(chip,V4L2_TUNER_MODE_MONO); |
| if (chip->prevmode != V4L2_TUNER_MODE_MONO) |
| chip->prevmode = -1; /* reset previous mode */ |
