lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 7 Mar 2024 11:34:21 -0800
From: coverity-bot <keescook@...omium.org>
To: Jameson Thies <jthies@...gle.com>
Cc: Hans de Goede <hdegoede@...hat.com>,
	Fabrice Gasnier <fabrice.gasnier@...s.st.com>,
	Neil Armstrong <neil.armstrong@...aro.org>,
	linux-usb@...r.kernel.org, Benson Leung <bleung@...omium.org>,
	Saranya Gopal <saranya.gopal@...el.com>,
	Dmitry Baryshkov <dmitry.baryshkov@...aro.org>,
	Abhishek Pandit-Subedi <abhishekpandit@...omium.org>,
	Prashant Malani <pmalani@...omium.org>,
	Heikki Krogerus <heikki.krogerus@...ux.intel.com>,
	linux-kernel@...r.kernel.org,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	"Gustavo A. R. Silva" <gustavo@...eddedor.com>,
	linux-next@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Coverity: ucsi_check_cable(): Null pointer dereferences

Hello!

This is an experimental semi-automated report about issues detected by
Coverity from a scan of next-20240307 as part of the linux-next scan project:
https://scan.coverity.com/projects/linux-next-weekly-scan

You're getting this email because you were associated with the identified
lines of code (noted below) that were touched by commits:

  Tue Mar 5 13:11:08 2024 +0000
    f896d5e8726c ("usb: typec: ucsi: Register SOP/SOP' Discover Identity Responses")

Coverity reported the following:

*** CID 1584245:  Null pointer dereferences  (FORWARD_NULL)
drivers/usb/typec/ucsi/ucsi.c:1136 in ucsi_check_cable()
1130     	}
1131
1132     	ret = ucsi_register_cable(con);
1133     	if (ret < 0)
1134     		return ret;
1135
vvv     CID 1584245:  Null pointer dereferences  (FORWARD_NULL)
vvv     Passing "con" to "ucsi_get_cable_identity", which dereferences null "con->cable".
1136     	ret = ucsi_get_cable_identity(con);
1137     	if (ret < 0)
1138     		return ret;
1139
1140     	ret = ucsi_register_plug(con);
1141     	if (ret < 0)

If this is a false positive, please let us know so we can mark it as
such, or teach the Coverity rules to be smarter. If not, please make
sure fixes get into linux-next. :) For patches fixing this, please
include these lines (but double-check the "Fixes" first):

Reported-by: coverity-bot <keescook+coverity-bot@...omium.org>
Addresses-Coverity-ID: 1584245 ("Null pointer dereferences")
Fixes: f896d5e8726c ("usb: typec: ucsi: Register SOP/SOP' Discover Identity Responses")

Thanks for your attention!

-- 
Coverity-bot

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ