From e8a285b7b10029c3da7e9bbaa1659e7e08178912 Mon Sep 17 00:00:00 2001
From: Jesper Juhl <jesper.juhl@gmail.com>
Date: Tue, 16 Oct 2007 01:27:52 -0700
Subject: isdn: guard against a potential NULL pointer dereference in
 old_capi_manufacturer()

In drivers/isdn/capi/kcapi.c::old_capi_manufacturer(), if the call to
get_capi_ctr_by_nr(ldef.contr); in line 823 returns NULL, then we'll be
dereferencing a NULL pointer in the very next line.

(Found by Coverity checker as bug #402)

Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
Acked-by: Karsten Keil <kkeil@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
---
 drivers/isdn/capi/kcapi.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'drivers')

diff --git a/drivers/isdn/capi/kcapi.c b/drivers/isdn/capi/kcapi.c
index 9f73bc27..f555318 100644
--- a/drivers/isdn/capi/kcapi.c
+++ b/drivers/isdn/capi/kcapi.c
@@ -821,6 +821,8 @@ static int old_capi_manufacturer(unsigned int cmd, void __user *data)
 				return -EFAULT;
 		}
 		card = get_capi_ctr_by_nr(ldef.contr);
+		if (!card)
+			return -EINVAL;
 		card = capi_ctr_get(card);
 		if (!card)
 			return -ESRCH;
-- 
cgit v1.1