lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080221160907.GB28328@cs181133002.pp.htv.fi>
Date:	Thu, 21 Feb 2008 18:09:07 +0200
From:	Adrian Bunk <bunk@...nel.org>
To:	Bjorn Helgaas <bjorn.helgaas@...com>
Cc:	Rene Herman <rene.herman@...access.nl>, ambx1@....rr.com,
	linux-kernel@...r.kernel.org
Subject: Re: pnp_bus_resume(): inconsequent NULL checking

On Thu, Feb 21, 2008 at 08:26:53AM -0700, Bjorn Helgaas wrote:
> On Wednesday 20 February 2008 10:47:21 pm Rene Herman wrote:
> > On 20-02-08 17:59, Bjorn Helgaas wrote:
> > > I agree with you that we can just delete the dev->protocol tests
> > > completely. So I'd rather see something like this (built but untested):
> > >
> > >
> > > PNP: remove dev->protocol NULL checks
> > >
> > > Every PNP device should have a valid protocol pointer.  If it doesn't,
> > > something's wrong and we should oops so we can find and fix the problem.
> > >
> > > Signed-off-by: Bjorn Helgaas <bjorn.helgaas@...com>
> >
> > Ack from a functional standpoint: we are oopsing in pnp_start/stop_dev
> > _anyway_ if the protocol pointer isn't set.
> >
> > Will you coach this upstream? A 2.6.25-rc1 change from me made the coverity
> > checker pick up on it which might be considered enough of an excuse to call
> > it a regression and submit this as a fix...
> 
> I'll push it upstream, but a coverity warning seems like a marginal
> excuse for putting it in 2.6.25.  Is there any real reason it can't
> wait until 2.6.26?

The main purpose of my mail was to get an answer whether the NULL check 
should be removed or whether there's a NULL dereference that could 
happen in practice (which would have been a real bug).

A NULL check too much is not a real bug and therefore it can't count as 
a regression, so from my side it doesn't matter whether you push it as 
"trivial enough" for 2.6.25 or as "not urgent" for 2.6.26.

> > Rene.

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ