qseecom: Fix NULL pointer dereferenceandroid-wear-n-preview-1_r0.2

Application name passed from the user space might be NULL or corrupted, which if accessed later on might end up in NULL pointer dereference. Change-Id: I3c91c19a60cee209436218dd9ea370ef53c8c8b6 Signed-off-by: William Clark <wclark@codeaurora.org>
author: William Clark <wclark@codeaurora.org> 2015-04-09 17:58:56 -0700
committer: Devin Kim <dojip.kim@lge.com> 2016-05-02 10:43:55 -0700
commit: 9fa1b1dc9923a7b5892df4feadef4bd953c8665b (patch)
tree: c65f5c8a300da4ac0042bccebde47d47b3929d0a
parent: 67bbef1886426f703a1eccb8441a10dd355b6078 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/drivers/misc/qseecom.c b/drivers/misc/qseecom.c
index ec2733d1c520..76afe3c7f3ba 100644
--- a/drivers/misc/qseecom.c
+++ b/drivers/misc/qseecom.c
@@ -2359,7 +2359,11 @@ int qseecom_start_app(struct qseecom_handle **handle,
 	size_t len;
 	ion_phys_addr_t pa;
 
-	if (!app_name || strlen(app_name) >= MAX_APP_NAME_SIZE) {
+	if (!app_name) {
+		pr_err("failed to get the app name\n");
+		return -EINVAL;
+	}
+	if (strlen(app_name) >= MAX_APP_NAME_SIZE) {
 		pr_err("The app_name (%s) with length %zu is not valid\n",
 			app_name, strlen(app_name));
 		return -EINVAL;
author	William Clark <wclark@codeaurora.org>	2015-04-09 17:58:56 -0700
committer	Devin Kim <dojip.kim@lge.com>	2016-05-02 10:43:55 -0700
commit	9fa1b1dc9923a7b5892df4feadef4bd953c8665b (patch)
tree	c65f5c8a300da4ac0042bccebde47d47b3929d0a
parent	67bbef1886426f703a1eccb8441a10dd355b6078 (diff)