ANDROID: USB: f_accessory: Check dev pointer before decoding ctrl request

In case of poweroff charging mode, accessory function instance is not created and due to this, _acc_dev will be NULL. If target is connected to Accessory dock in poweroff charging mode, there is a chance dev pointer is accessed, which is NULL. Hence add a check before processing control request and return error if it is NULL. Bug: 141002587 Change-Id: I4f1deb9d764b8c0bd1d7837cbc43a2933167f568 Signed-off-by: Vijayavardhan Vennapusa <vvreddy@codeaurora.org> Signed-off-by: Jack Pham <jackp@codeaurora.org> Signed-off-by: Giuliano Procida <gprocida@google.com>
2026-06-09 04:10:18 +09:00 · 2018-04-04 11:02:28 +05:30
parent 3e152f4458
commit e6662b7bb7
1 changed files with 6 additions and 0 deletions
--- a/drivers/usb/gadget/function/f_accessory.c
+++ b/drivers/usb/gadget/function/f_accessory.c
@@ -846,6 +846,12 @@ int acc_ctrlrequest(struct usb_composite_dev *cdev,
 	u16	w_length = le16_to_cpu(ctrl->wLength);
 	unsigned long flags;

+	/*
+	 * If instance is not created which is the case in power off charging
+	 * mode, dev will be NULL. Hence return error if it is the case.
+	 */
+	if (!dev)
+		return -ENODEV;
 /*
 	printk(KERN_INFO "acc_ctrlrequest "
 			"%02x.%02x v%04x i%04x l%u\n",