lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 5 Sep 2015 15:26:29 -0500
From:	Michael Welling <mwelling@...e.org>
To:	Florian Fainelli <f.fainelli@...il.com>
Cc:	Andrew Lunn <andrew@...n.ch>, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: phy: Handle postive return codes in phy_connect

On Sat, Sep 05, 2015 at 01:11:51PM -0700, Florian Fainelli wrote:
> Le 09/05/15 12:47, Andrew Lunn a écrit :
> > On Sat, Sep 05, 2015 at 02:44:01PM -0500, Michael Welling wrote:
> >> On Sat, Sep 05, 2015 at 09:18:40PM +0200, Andrew Lunn wrote:
> >>> On Sat, Sep 05, 2015 at 01:01:29PM -0500, Michael Welling wrote:
> >>>> The function phy_connect_direct can possibly return a positive
> >>>> return code. Using ERR_PTR with a positive value can lead to
> >>>> deferencing of an invalid pointer.
> >>>
> >>> Is this the correct fix? Would it not be better to find where the
> >>> positive return code is from and fix that?
> >>
> >> I guess I can trace it back to find out where the positive return code
> >> is originating.
> >>
> >> Is phy_connect_direct always supposed to return valid -errno?
> > 
> > I would look at this from a different angle. A positive ERRNO is
> > probably a bug of some sort. So rather than papering over the cracks,
> > go find what the real issue is.
> 
> Agreed, you could place a WARN_ON(rc > 0) and get the offending call
> trace leading to that problem. I suspect that one of the PHY drivers
> might be returning a positive value as part of a phy_read() call and
> that does not get properly filtered out.
>

Thanks for the feedback.

Does it hurt to always have a warning on positive return codes before
using ERR_PTR?

> > 
> > It might not be an ERRNO. E.g. https://lkml.org/lkml/2015/9/3/534
> > fixed a bug where a positive value is returned which is not an
> > indication of an error.
> > 
> > 	   Andrew
> > 
> -- 
> Florian
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ