[DTV00922031] misc: Fix NULL pointer risk reported by static analysis tool
[Description]
Fix the NULL pointer access risk reported by the static analysis tool.
Change-Id: Id336b0ff6d94e7b28ba32deae6206db113e3be95
Signed-off-by: Sarick Jiang <sarick.jiang@mediatek.com>
CR-Id: DTV00922031
Feature: misc
Reviewed-on: http://gerrit.mediatek.inc:8080/1273252
CheckPatch: Check Patch <srv_checkpatch@mediatek.com>
Reviewed-by: George Kuo <george.kuo@mediatek.com>
Reviewed-by: Soul Huang <soul.huang@mediatek.com>
Build: srv_neptune_adm <srv_neptune_adm@mediatek.com>
diff --git a/mgmt/ais_fsm.c b/mgmt/ais_fsm.c
index ccaa072..64825d4 100644
--- a/mgmt/ais_fsm.c
+++ b/mgmt/ais_fsm.c
@@ -446,6 +446,10 @@
/* 4 <2> Setup corresponding STA_RECORD_T */
prStaRec = bssCreateStaRecFromBssDesc(prAdapter,
STA_TYPE_LEGACY_AP, prAdapter->prAisBssInfo->ucBssIndex, prBssDesc);
+ if (!prStaRec) {
+ DBGLOG(AIS, ERROR, "prStaRec is NULL!\n");
+ return;
+ }
prAisFsmInfo->prTargetStaRec = prStaRec;
@@ -680,7 +684,10 @@
/* 4 <2> Setup corresponding STA_RECORD_T */
prStaRec = bssCreateStaRecFromBssDesc(prAdapter,
STA_TYPE_ADHOC_PEER, prAdapter->prAisBssInfo->ucBssIndex, prBssDesc);
-
+ if (!prStaRec) {
+ DBGLOG(AIS, ERROR, "prStaRec is NULL!\n");
+ return;
+ }
prStaRec->fgIsMerging = TRUE;
prAisFsmInfo->prTargetStaRec = prStaRec;
diff --git a/mgmt/p2p_func.c b/mgmt/p2p_func.c
index e58c793..361ec63 100644
--- a/mgmt/p2p_func.c
+++ b/mgmt/p2p_func.c
@@ -4121,9 +4121,13 @@
cnmMgtPktFree(prAdapter, prP2pProbeRspInfo->prProbeRspMsduTemplate);
prP2pProbeRspInfo->prProbeRspMsduTemplate = cnmMgtPktAlloc(prAdapter, u4BcnBufLen);
+ if (!prP2pProbeRspInfo->prProbeRspMsduTemplate) {
+ DBGLOG(P2P, ERROR, "cnmMgtPktAlloc fail!\n");
+ rWlanStatus = WLAN_STATUS_FAILURE;
+ break;
+ }
prMsduInfo = prP2pProbeRspInfo->prProbeRspMsduTemplate;
-
prMsduInfo->eSrc = TX_PACKET_MGMT;
prMsduInfo->ucStaRecIndex = 0xFF;
prMsduInfo->ucBssIndex = prP2pBssInfo->ucBssIndex;
diff --git a/nic/nic_tx.c b/nic/nic_tx.c
index 3f7f54c..a4eb754 100644
--- a/nic/nic_tx.c
+++ b/nic/nic_tx.c
@@ -3368,7 +3368,10 @@
return;
prStaRec = cnmGetStaRecByIndex(prAdapter, ucStaRecIndex);
- ASSERT(prStaRec);
+ if (!prStaRec) {
+ DBGLOG(TX, WARN, "prStaRec is NULL!\n");
+ return;
+ }
QUEUE_CONCATENATE_QUEUES(&prAdapter->rStaPsQueue[ucStaRecIndex], prQue);
QUEUE_REMOVE_HEAD(&prAdapter->rStaPsQueue[ucStaRecIndex], prQueueEntry, P_QUE_ENTRY_T);
diff --git a/os/linux/gl_kal.c b/os/linux/gl_kal.c
index b67cfaa..fbf3e26 100644
--- a/os/linux/gl_kal.c
+++ b/os/linux/gl_kal.c
@@ -4056,15 +4056,17 @@
UINT_32 kalWriteToFile(const PUINT_8 pucPath, BOOLEAN fgDoAppend, PUINT_8 pucData, UINT_32 u4Size)
{
struct file *file = NULL;
- UINT_32 ret;
+ UINT_32 ret = 0; /* size been written */
UINT_32 u4Flags = 0;
if (fgDoAppend)
u4Flags = O_APPEND;
file = kalFileOpen(pucPath, O_WRONLY | O_CREAT | u4Flags, S_IRWXU);
- ret = kalFileWrite(file, 0, pucData, u4Size);
- kalFileClose(file);
+ if (file) {
+ ret = kalFileWrite(file, 0, pucData, u4Size);
+ kalFileClose(file);
+ }
return ret;
}
diff --git a/os/linux/gl_p2p_kal.c b/os/linux/gl_p2p_kal.c
index 3fe22c3..f1b32e4 100644
--- a/os/linux/gl_p2p_kal.c
+++ b/os/linux/gl_p2p_kal.c
@@ -949,6 +949,10 @@
rRfChannelInfo.ucChannelNum = u4ChannelNum;
prIEEE80211ChnlStruct = kalP2pFuncGetChannelEntry(prGlueP2pInfo, &rRfChannelInfo);
+ if (!prIEEE80211ChnlStruct) {
+ DBGLOG(P2P, ERROR, "prIEEE80211ChnlStruct is NULL!\n");
+ break;
+ }
kalP2pFuncGetChannelType(eSco, &eChnlType);
diff --git a/os/linux/hif/usb/usb.c b/os/linux/hif/usb/usb.c
index 9fae786..9c882d0 100644
--- a/os/linux/hif/usb/usb.c
+++ b/os/linux/hif/usb/usb.c
@@ -234,8 +234,10 @@
ASSERT(intf);
prGlueInfo = (P_GLUE_INFO_T)usb_get_intfdata(intf);
-
- glUsbSetState(&prGlueInfo->rHifInfo, USB_STATE_LINK_DOWN);
+ if (prGlueInfo)
+ glUsbSetState(&prGlueInfo->rHifInfo, USB_STATE_LINK_DOWN);
+ else
+ DBGLOG(HAL, ERROR, "prGlueInfo is NULL!!\n");
if (g_fgDriverProbed)
pfWlanRemove();
@@ -288,6 +290,10 @@
P_GLUE_INFO_T prGlueInfo = (P_GLUE_INFO_T)usb_get_intfdata(intf);
DBGLOG(HAL, STATE, "mtk_usb_resume()\n");
+ if (!prGlueInfo) {
+ DBGLOG(HAL, ERROR, "prGlueInfo is NULL!\n");
+ return -EFAULT;
+ }
/* NOTE: USB bus may not really do suspend and resume*/
ret = usb_control_msg(prGlueInfo->rHifInfo.udev,
@@ -614,6 +620,10 @@
INIT_LIST_HEAD(prHead);
prUsbReqs = kcalloc(u4Cnt, sizeof(struct _USB_REQ_T), GFP_ATOMIC);
+ if (!prUsbReqs) {
+ DBGLOG(HAL, ERROR, "kcalloc fail!\n");
+ return NULL;
+ }
prUsbReq = prUsbReqs;
for (i = 0; i < u4Cnt; ++i) {
