lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20100426230515.GA1388@emlix.com>
Date:	Tue, 27 Apr 2010 01:05:15 +0200
From:	Daniel Glöckner <dg@...ix.com>
To:	Dan Carpenter <error27@...il.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Jani Nikula <ext-jani.1.nikula@...ia.com>,
	David Brownell <dbrownell@...rs.sourceforge.net>,
	Andi Kleen <ak@...ux.intel.com>, linux-kernel@...r.kernel.org,
	kernel-janitors@...r.kernel.org
Subject: Re: [patch] gpio: potential null dereference

On Mon, Apr 26, 2010 at 09:25:20PM +0200, Dan Carpenter wrote:
> Smatch found a potential null dereference in gpio_setup_irq().  The 
> "pdesc" variable is allocated with idr_find() that can return NULL.  If
> gpio_setup_irq() is called with 0 as gpio_flags and "pdesc" is null, it
> would OOPs here.

idr_find() doesn't allocate, idr_get_new_above() does.
Assuming idr_find() never fails for an id if idr_get_new_above()
successfully allocated that id, I don't think we can reach that
line with pdesc being NULL:

- There are two gotos leading to free_sd
- #2 is after a block that allocates pdesc
- #1 is in an if (!gpio_flags) block
- We exit early if ((desc->flags & GPIO_TRIGGER_MASK) == gpio_flags)
- Therefore (desc->flags & GPIO_TRIGGER_MASK) must be != 0 to reach #1
- Trigger flags are added to desc->flags only after we have
  successfully allocated pdesc (i.e. right before return 0)
- We start off with no trigger flags set

  Daniel


-- 
Dipl.-Math. Daniel Glöckner, emlix GmbH, http://www.emlix.com
Fon +49 551 30664-0, Fax -11, Bahnhofsallee 1b, 37081 Göttingen, Germany
Sitz der Gesellschaft: Göttingen, Amtsgericht Göttingen HR B 3160
Geschäftsführung: Dr. Uwe Kracke, Ust-IdNr.: DE 205 198 055

emlix - your embedded linux partner
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ