s3c-hsudc: Fix possible nullpointer dereference during probe

The usb-interrupt is requested before the endpoints are initalised.
If an interrupt happens in the time between request_irq and the init
of the endpoint-data (as seen on the Qisda ESx00 ebook-platforms),
it is therefore possible for the interrupt handler to access endpoint-
data before its creation resulting in a null-pointer dereference.

This patch simply moves the irq request below the endpoint init.

Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

drivers/usb/gadget/s3c-hsudc.c

@@ -1269,19 +1269,6 @@ static int s3c_hsudc_probe(struct platform_device *pdev)
 		goto err_remap;
 	}
 
-	ret = platform_get_irq(pdev, 0);
-	if (ret < 0) {
-		dev_err(dev, "unable to obtain IRQ number\n");
-		goto err_irq;
-	}
-	hsudc->irq = ret;
-
-	ret = request_irq(hsudc->irq, s3c_hsudc_irq, 0, driver_name, hsudc);
-	if (ret < 0) {
-		dev_err(dev, "irq request failed\n");
-		goto err_irq;
-	}
-
 	spin_lock_init(&hsudc->lock);
 
 	device_initialize(&hsudc->gadget.dev);
@@ -1299,6 +1286,19 @@ static int s3c_hsudc_probe(struct platform_device *pdev)
 
 	s3c_hsudc_setup_ep(hsudc);
 
+	ret = platform_get_irq(pdev, 0);
+	if (ret < 0) {
+		dev_err(dev, "unable to obtain IRQ number\n");
+		goto err_irq;
+	}
+	hsudc->irq = ret;
+
+	ret = request_irq(hsudc->irq, s3c_hsudc_irq, 0, driver_name, hsudc);
+	if (ret < 0) {
+		dev_err(dev, "irq request failed\n");
+		goto err_irq;
+	}
+
 	hsudc->uclk = clk_get(&pdev->dev, "usb-device");
 	if (IS_ERR(hsudc->uclk)) {
 		dev_err(dev, "failed to find usb-device clock source\n");