From: Arjan van de Ven <arjan@linux.intel.com>
Date: Sat, 11 Oct 2008 04:16:12 +0000 (-0700)
Subject: security: avoid calling a NULL function pointer in drivers/video/tvaudio.c
X-Git-Tag: v2.6.28-rc1~715
X-Git-Url: http://www.pilppa.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=5ba2f67afb02c5302b2898949ed6fc3b3d37dcf1;p=linux-2.6-omap-h63xx.git

security: avoid calling a NULL function pointer in drivers/video/tvaudio.c

NULL function pointers are very bad security wise. This one got caught by
kerneloops.org quite a few times, so it's happening in the field....

Fix is simple, check the function pointer for NULL, like 6 other places
in the same function are already doing.

Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
---

diff --git a/drivers/media/video/tvaudio.c b/drivers/media/video/tvaudio.c
index 463680b1328..b59e47272ab 100644
--- a/drivers/media/video/tvaudio.c
+++ b/drivers/media/video/tvaudio.c
@@ -1792,7 +1792,7 @@ static int chip_command(struct i2c_client *client,
 		break;
 	case VIDIOC_S_FREQUENCY:
 		chip->mode = 0; /* automatic */
-		if (desc->checkmode) {
+		if (desc->checkmode && desc->setmode) {
 			desc->setmode(chip,V4L2_TUNER_MODE_MONO);
 			if (chip->prevmode != V4L2_TUNER_MODE_MONO)
 				chip->prevmode = -1; /* reset previous mode */