media: atmel-isi: Fix crash due to missing subdev in state

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

As a result of converting to the stream-aware state functions, commit
bc0e8d91feec ("media: v4l: subdev: Switch to stream-aware state
functions") caused the sd pointer of the state passed to the
v4l2_subdev_state_get_crop() function to be dereferenced. It however
missed that the atmel-isi driver creates the v4l2_subdev_state instance
on the stack (which it shouldn't do, but that's a separate problem),
without initializing the sd field. This results in a null pointer
dereference.

Fix it by initializing the sd field.

Fixes: bc0e8d91feec ("media: v4l: subdev: Switch to stream-aware state functions")
Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Signed-off-by: Sakari Ailus <sakari.ailus@linux.intel.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>

authored by

Laurent Pinchart and committed by

Hans Verkuil 2 years ago 1545c2b9 09b41950

1 changed file

expand all

drivers

media

platform

atmel

atmel-isi.c

drivers/media/platform/atmel/atmel-isi.c

··· 589 589 struct v4l2_pix_format *pixfmt = &f->fmt.pix; 590 590 struct v4l2_subdev_pad_config pad_cfg = {}; 591 591 struct v4l2_subdev_state pad_state = { 592 + .sd = isi->entity.subdev, 592 593 .pads = &pad_cfg, 593 594 }; 594 595 struct v4l2_subdev_format format = {