| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 Aug 2015 09:29:05 +0200 From: Bjørn Mork <bjorn@...k.no> To: Vivek Kumar Bhagat <vivek.bhagat@...sung.com> Cc: "netdev\@vger.kernel.org" <netdev@...r.kernel.org>, Nitin Jhanwar <nitin.j@...sung.com>, HEMANSHU SRIVASTAVA <hemanshu.s@...sung.com> Subject: Re: [PATCH] usbnet: dereference after null check in usbnet_start_xmit() and __usbnet_read_cmd() Vivek Kumar Bhagat <vivek.bhagat@...sung.com> writes: > Dear Bjorn, > >>>This is wrong. There are usbnet minidrivers depending on info->tx_fixup >>> being called with a NULL skb. > Also, if dev_hard_start_xmit() ensures that skb can not be NULL in usbnet_start_xmit() > then we should remove below check. > if (skb) <--- This check is confusing which says skb can be NULL. > skb_tx_timestamp(skb); No, that test is there because of the ugly hack in cdc_ncm. It doesn't go through dev_hard_start_xmit(), but calls usbnet_start_xmit() directly with a NULL skb as a signal to itself. Yes, I told you it was ugly ;) I do agree that it would be nice to make this go away. But until that happens usbnet_start_xmit() has to deal with NULL skbs, forwarding them to the tx_fixup hook. Bjørn -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists