Open Source and information security mailing list archives
 
Date:	Thu, 22 Oct 2009 15:55:30 -0700
From:	Greg KH <gregkh@...e.de>
To:	Haiyang Zhang <haiyangz@...rosoft.com>
Cc:	Hank Janssen <hjanssen@...rosoft.com>,
	"'linux-kernel@...r.kernel.org'" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] Fix null pointer error after vmbus loading

On Thu, Oct 22, 2009 at 03:39:05PM +0000, Haiyang Zhang wrote:
> > >         /* Make sure we are not registered already */
> > > -       if (strlen(dev_name(&child_device_ctx->device)) != 0) {
> > > +       if (dev_name(&child_device_ctx->device) != NULL &&
> > > +           strlen(dev_name(&child_device_ctx->device)) != 0) {
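Review bot: The NULL test on the two added lines keeps strlen() from being handed a NULL name, but the condition still uses "a non-empty name exists" as the answer to the comment above it, "Make sure we are not registered already". Nothing in these lines establishes whether registration actually ran, only whether a name was set. Suggest dropping the name test and recording registration state explicitly in the driver's own context, or guaranteeing in the caller that this path is reached once per device. If the name test stays, call dev_name() once into a local instead of twice.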
> > 
> > Why would the device name ever be NULL?  Why would you need to check it
> > here?
> 
> In recent kernel versions, char bus_id[BUS_ID_SIZE] in struct device
> has been replaced by char* type kobj.name, which is NULL if name is
> not yet set.

Yes, but you should never care about this being NULL.

> The function vmbus_child_device_create() allocates the memory for struct
> device_context, which includes struct device as a member. All data are
> initialized to zero, so the device name ptr, aka kobj.name, is NULL at
> the beginning:
> 	child_device_ctx = kzalloc(sizeof(struct device_context), GFP_KERNEL);
> So, a NULL pointer check is added to avoid null pointer dereference
> error if strlen() is called on the NULL name pointer. After we confirm
> the device isn't registered yet, we will set the name and register the
> device.

But this is not how you check to see if your device is registered at
all; you cannot rely on the driver core to have the name set or not to
reflect the status of the device.  Devices have many stages in their
lifecycle, and the name reliably shows none of them.

Actually, why do you need to know this?  Shouldn't you always know the
state of your device?  How can you get passed an unregistered device?

That is the real fix that needs to be done here.

thanks,

greg k-h
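
The point argued in the thread above, as an added example that is not part of either message and is not vmbus driver code: a userspace model in which calloc() stands in for kzalloc(), showing that the NULL-safe name test no longer crashes but still disagrees with the device's real state, while a state field kept by the driver does not. All type and function names and the sample name "child-0" are hypothetical.

```c
/* Userspace model, added example; not vmbus code. All names are hypothetical. */
#include <stdlib.h>
#include <string.h>
enum child_state { CHILD_NEW = 0, CHILD_NAMED, CHILD_REGISTERED };
struct model_ctx {
    const char *name;            /* stands in for device.kobj.name */
    enum child_state state;      /* maintained by the bus driver itself */
};

/* calloc() plays the role of kzalloc(): name == NULL, state == CHILD_NEW. */
static struct model_ctx *ctx_create(void)
{
    return calloc(1, sizeof(struct model_ctx));
}

/* The patched test from the thread: NULL-safe, but it only sees the name. */
static int looks_registered_by_name(const struct model_ctx *c)
{
    return c->name != NULL && strlen(c->name) != 0;
}

/* Explicit lifecycle check: the driver records what it has done. */
static int is_registered(const struct model_ctx *c)
{
    return c->state == CHILD_REGISTERED;
}

static void ctx_set_name(struct model_ctx *c, const char *name)
{
    c->name = name;
    c->state = CHILD_NAMED;
}

static int ctx_register(struct model_ctx *c)  /* 0 on success, -1 if already registered */
{
    if (is_registered(c))
        return -1;
    c->state = CHILD_REGISTERED;
    return 0;
}

int main(void)
{
    struct model_ctx *c = ctx_create();
    if (!c) return 1;
    ctx_set_name(c, "child-0");              /* constructed sample name */
    int ok = looks_registered_by_name(c) && !is_registered(c) && ctx_register(c) == 0;
    free(c);
    return ok ? 0 : 1;
}
```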