HID: ntrig don't dereference unclaimed hidinput

Check before dereferencing field->hidinput to fix a reported invalid
deference bug.

Signed-off-by: Rafi Rubin <rafi@seas.upenn.edu>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>

diff --git a/drivers/hid/hid-ntrig.c b/drivers/hid/hid-ntrig.c
index beb4034..a93e58c 100644 (file)
--- a/drivers/hid/hid-ntrig.c
+++ b/drivers/hid/hid-ntrig.c
@@ -539,8 +539,19 @@ static int ntrig_input_mapped(struct hid_device *hdev, struct hid_input *hi,
 static int ntrig_event (struct hid_device *hid, struct hid_field *field,
                        struct hid_usage *usage, __s32 value)
 {
-       struct input_dev *input = field->hidinput->input;
        struct ntrig_data *nd = hid_get_drvdata(hid);
+       struct input_dev *input;
+
+       /* Skip processing if not a claimed input */
+       if (!(hid->claimed & HID_CLAIMED_INPUT))
+               goto not_claimed_input;
+
+       /* This function is being called before the structures are fully
+        * initialized */
+       if(!(field->hidinput && field->hidinput->input))
+               return -EINVAL;
+
+       input = field->hidinput->input;
 
        /* No special handling needed for the pen */
        if (field->application == HID_DG_PEN)
@@ -810,6 +821,8 @@ static int ntrig_event (struct hid_device *hid, struct hid_field *field,
                }
        }
 
+not_claimed_input:
+
        /* we have handled the hidinput part, now remains hiddev */
        if ((hid->claimed & HID_CLAIMED_HIDDEV) && hid->hiddev_hid_event)
                hid->hiddev_hid_event(hid, field, usage, value);