[PATCH v4] usb: gadget: g_dnl: Fix NULLPTR dereference when serial# is unset

Wed Jan 29 10:27:29 CET 2025

Hi Michael,

On mar., janv. 28, 2025 at 23:31, Michael <michaelsunn101 at gmail.com> wrote:

> Are there any other action items I should take care of?

TLDR: no.

Details below:
Not at the moment. Usually we give the community some time to review.
This time depends on the custodian(maintainer) responsible for taking in the patch.

Since I'm responsible for fastboot, I usually give between 1 and 2 weeks
before I apply the changes to my tree: https://source.denx.de/u-boot/custodians/u-boot-dfu

When the change is applied, CI will test your patch. If something fails,
I might reach out to you again to help troubleshooting.

If it passes, I will later on send a pull request to Tom with this patch
included.
Once Tom accepts the pull request, this change will be merged into
master.

More details on the process here:
https://docs.u-boot.org/en/latest/develop/process.html#work-flow-of-a-custodian

Hope that clarifies things a bit, and thank you for contributing!
Mattijs

>
>
> On Tue, Jan 28, 2025 at 3:40 AM Mattijs Korpershoek
> <mkorpershoek at baylibre.com> wrote:
>>
>> Hi Michael,
>>
>> Thank you for the patch.
>>
>> On lun., janv. 27, 2025 at 21:09, Michael Ferolito <michaelsunn101 at gmail.com> wrote:
>>
>> > The current behaviour of this function will dereference a null pointer
>> > if the serial# environment variable is unset. This was discovered on a
>> > board where U-Boot did not have access to the first 256MB of ram,
>> > resulting in a board crash.
>> > In the event that U-Boot has full access to memory, it will still read
>> > from address 0, which is probably not optimal.
>> > This simple check is enough to fix it
>> >
>> > Signed-off-by: Michael Ferolito <michaelsunn101 at gmail.com>
>> > Cc: Marek Vasut <marex at denx.de>
>> > Cc: Heiko Schocher <hs at denx.de>
>> > Cc: Kyungmin Park <kyungmin.park at samsung.com>
>>
>> Reviewed-by: Mattijs Korpershoek <mkorpershoek at baylibre.com>
>>
>> > ---
>> >  drivers/usb/gadget/g_dnl.c | 3 ++-
>> >  1 file changed, 2 insertions(+), 1 deletion(-)
>> >
>> > diff --git a/drivers/usb/gadget/g_dnl.c b/drivers/usb/gadget/g_dnl.c
>> > index 631969b340..f2540eb6de 100644
>> > --- a/drivers/usb/gadget/g_dnl.c
>> > +++ b/drivers/usb/gadget/g_dnl.c
>> > @@ -207,7 +207,8 @@ void g_dnl_clear_detach(void)
>> >  static int on_serialno(const char *name, const char *value, enum env_op op,
>> >               int flags)
>> >  {
>> > -     g_dnl_set_serialnumber((char *)value);
>> > +     if (value)
>> > +             g_dnl_set_serialnumber((char *)value);
>> >       return 0;
>> >  }
>> >  U_BOOT_ENV_CALLBACK(serialno, on_serialno);
>> > --
>> > 2.48.1