lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 17 Oct 2009 08:33:47 +0200 (CEST)
From:	Julia Lawall <julia@...u.dk>
To:	Kyle McMartin <kyle@...artin.ca>, Jaroslav Kysela <perex@...ex.cz>,
	Takashi Iwai <tiwai@...e.de>, linux-parisc@...r.kernel.org,
	alsa-devel@...a-project.org, linux-kernel@...r.kernel.org,
	kernel-janitors@...r.kernel.org
Subject: [PATCH 3/14] sound/parisc: Move dereference after NULL test

From: Julia Lawall <julia@...u.dk>

If the NULL test on h is needed in snd_harmony_mixer_init, then the
dereference should be after the NULL test.

Actually, there is a sequence of calls: snd_harmony_create, then
snd_harmony_pcm_init, and then snd_harmony_mixer_init.  snd_harmony_create
initializes h, but may indeed leave it as NULL.  There was no NULL test at
the beginning of snd_harmony_pcm_init, so I have added one.  The NULL test
in snd_harmony_mixer_init is then not necessary, but in case the ordering
of the calls changes, I have left it, and moved the dereference after it.

A simplified version of the semantic match that detects this problem is as
follows (http://coccinelle.lip6.fr/):

// <smpl>
@match exists@
expression x, E;
identifier fld;
@@

* x->fld
  ... when != \(x = E\|&x\)
* x == NULL
// </smpl>

Signed-off-by: Julia Lawall <julia@...u.dk>

---
 sound/parisc/harmony.c              |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/sound/parisc/harmony.c b/sound/parisc/harmony.c
index e924492..f47f9e2 100644
--- a/sound/parisc/harmony.c
+++ b/sound/parisc/harmony.c
@@ -624,6 +624,9 @@ snd_harmony_pcm_init(struct snd_harmony *h)
 	struct snd_pcm *pcm;
 	int err;
 
+	if (snd_BUG_ON(!h))
+		return -EINVAL;
+
 	harmony_disable_interrupts(h);
 	
    	err = snd_pcm_new(h->card, "harmony", 0, 1, 1, &pcm);
@@ -865,11 +868,12 @@ snd_harmony_mixer_reset(struct snd_harmony *h)
 static int __devinit
 snd_harmony_mixer_init(struct snd_harmony *h)
 {
-	struct snd_card *card = h->card;
+	struct snd_card *card;
 	int idx, err;
 
 	if (snd_BUG_ON(!h))
 		return -EINVAL;
+	card = h->card;
 	strcpy(card->mixername, "Harmony Gain control interface");
 
 	for (idx = 0; idx < HARMONY_CONTROLS; idx++) {
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists