[PATCH v4] usb: gadget: g_dnl: Fix NULLPTR dereference when serial# is unset

[Heiko Schocher]

Hi Michael,

On 28.01.25 04:09, Michael Ferolito wrote:
> The current behaviour of this function will dereference a null pointer
> if the serial# environment variable is unset. This was discovered on a
> board where U-Boot did not have access to the first 256MB of ram,
> resulting in a board crash.
> In the event that U-Boot has full access to memory, it will still read
> from address 0, which is probably not optimal.
> This simple check is enough to fix it
> 
> Signed-off-by: Michael Ferolito <michaelsunn101 at gmail.com>
> Cc: Marek Vasut <marex at denx.de>
> Cc: Heiko Schocher <hs at denx.de>
> Cc: Kyungmin Park <kyungmin.park at samsung.com>
> ---
>   drivers/usb/gadget/g_dnl.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)

Nitpick:
A changelog would be nice to get an idea what has changed from version
to version ...

> diff --git a/drivers/usb/gadget/g_dnl.c b/drivers/usb/gadget/g_dnl.c
> index 631969b340..f2540eb6de 100644
> --- a/drivers/usb/gadget/g_dnl.c
> +++ b/drivers/usb/gadget/g_dnl.c
> @@ -207,7 +207,8 @@ void g_dnl_clear_detach(void)
>   static int on_serialno(const char *name, const char *value, enum env_op op,
>   		int flags)
>   {
> -	g_dnl_set_serialnumber((char *)value);
> +	if (value)
> +		g_dnl_set_serialnumber((char *)value);
>   	return 0;
>   }
>   U_BOOT_ENV_CALLBACK(serialno, on_serialno);
> 

Good catch!

Reviewed-by: Heiko Schocher <hs at denx.de>

bye,
Heiko
-- 
DENX Software Engineering GmbH,      Managing Director: Erika Unter
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: +49-8142-66989-52   Fax: +49-8142-66989-80   Email: hs at denx.de