ClabureDB: Classified Bug-Reports Database

Project: Linux Kernel

Showing error 1800

User:	Jiri Slaby
Error type:	Invalid Pointer Dereference
Error type description:	A pointer which is invalid is being dereferenced
File location:	drivers/isdn/gigaset/i4l.c
Line in file:	517
Project:	Linux Kernel
Project version:	2.6.28
Tools:	Smatch (1.59)
Entered:	2013-09-11 08:47:26 UTC

Source:

487        }
488        if (at_state->str_var[STR_NMBR]) {
489                strncpy(response.parm.setup.phone, at_state->str_var[STR_NMBR],
490                        sizeof response.parm.setup.phone - 1);
491                response.parm.setup.phone[sizeof response.parm.setup.phone - 1] = 0;
492        } else
493                response.parm.setup.phone[0] = 0;
494        if (at_state->str_var[STR_ZCPN]) {
495                strncpy(response.parm.setup.eazmsn, at_state->str_var[STR_ZCPN],
496                        sizeof response.parm.setup.eazmsn - 1);
497                response.parm.setup.eazmsn[sizeof response.parm.setup.eazmsn - 1] = 0;
498        } else
499                response.parm.setup.eazmsn[0] = 0;
500
501        if (!bcs) {
502                dev_notice(cs->dev, "no channel for incoming call\n");
503                response.command = ISDN_STAT_ICALLW;
504                response.arg = 0; //FIXME
505        } else {
506                gig_dbg(DEBUG_CMD, "Sending ICALL");
507                response.command = ISDN_STAT_ICALL;
508                response.arg = bcs->channel; //FIXME
509        }
510        response.driver = cs->myid;
511        retval = cs->iif.statcallb(&response);
512        gig_dbg(DEBUG_CMD, "Response: %d", retval);
513        switch (retval) {
514        case 0:        /* no takers */
515                return ICALL_IGNORE;
516        case 1:        /* alerting */
517                bcs->chstate |= CHS_NOTIFY_LL;
518                return ICALL_ACCEPT;
519        case 2:        /* reject */
520                return ICALL_REJECT;
521        case 3:        /* incomplete */
522                dev_warn(cs->dev,
523                       "LL requested unsupported feature: Incomplete Number\n");
524                return ICALL_IGNORE;
525        case 4:        /* proceeding */
526                /* Gigaset will send ALERTING anyway.
527                 * There doesn't seem to be a way to avoid this.

Show full sources