[media] s5p-fimc: Avoid possible NULL pointer dereference in set_fmt op

This fixes following issue found with a static analysis tool: Pointer 'ffmt' returned from call to function 'fimc_capture_try_format' at line 1522 may be NULL and may be dereferenced at line 1535. Although it shouldn't happen in practice, add the NULL pointer check to be on the safe side. Signed-off-by: Sylwester Nawrocki <s.nawrocki@samsung.com> Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com> Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
author: Sylwester Nawrocki <s.nawrocki@samsung.com> 2012-12-05 13:52:00 -0300
committer: Mauro Carvalho Chehab <mchehab@redhat.com> 2013-01-06 09:23:56 -0200
commit: 6612545ffb3c14ccb5fa265992cc1b40db3ff463 (patch)
tree: dc87e7cc2cfe95b99302904ab9ba37b5db12c1a4 /drivers
parent: ff4e3fe86f6c5e8c746f07e232a89330cd3cf1a9 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/drivers/media/platform/s5p-fimc/fimc-capture.c b/drivers/media/platform/s5p-fimc/fimc-capture.c
index 95e6a7820b5..aad0850d0c0 100644
--- a/drivers/media/platform/s5p-fimc/fimc-capture.c
+++ b/drivers/media/platform/s5p-fimc/fimc-capture.c
@@ -1561,6 +1561,10 @@ static int fimc_subdev_set_fmt(struct v4l2_subdev *sd,
 		*mf = fmt->format;
 		return 0;
 	}
+	/* There must be a bug in the driver if this happens */
+	if (WARN_ON(ffmt == NULL))
+		return -EINVAL;
+
 	/* Update RGB Alpha control state and value range */
 	fimc_alpha_ctrl_update(ctx);
author	Sylwester Nawrocki <s.nawrocki@samsung.com>	2012-12-05 13:52:00 -0300
committer	Mauro Carvalho Chehab <mchehab@redhat.com>	2013-01-06 09:23:56 -0200
commit	6612545ffb3c14ccb5fa265992cc1b40db3ff463 (patch)
tree	dc87e7cc2cfe95b99302904ab9ba37b5db12c1a4 /drivers
parent	ff4e3fe86f6c5e8c746f07e232a89330cd3cf1a9 (diff)