lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.44L0.1102281006560.2161-100000@iolanthe.rowland.org>
Date:	Mon, 28 Feb 2011 10:14:16 -0500 (EST)
From:	Alan Stern <stern@...land.harvard.edu>
To:	Jiri Slaby <jslaby@...e.cz>
cc:	gregkh@...e.de, <linux-usb@...r.kernel.org>,
	<linux-kernel@...r.kernel.org>, <jirislaby@...il.com>,
	Alan Cox <alan@...ux.intel.com>
Subject: Re: [PATCH 1/2] USB: serial/keyspan_pda, fix potential tty NULL
 dereferences

On Mon, 28 Feb 2011, Jiri Slaby wrote:

> Make sure that we check the return value of tty_port_tty_get.
> Sometimes it may return NULL and we later dereference that.
> 
> There are several places to check. For easier handling,
> tty_port_tty_get is moved directly to the palce where needed in
> keyspan_pda_rx_interrupt.
> 
> Signed-off-by: Jiri Slaby <jslaby@...e.cz>
> Cc: Alan Cox <alan@...ux.intel.com>
> Cc: Greg Kroah-Hartman <gregkh@...e.de>

I wonder about these changes.  Does it makes sense to add this checking
everywhere?  A more reasonable approach might be to make sure that
tty_port_tty_get is never called in a context where it could return
NULL.  Or would that involve just as much effort, making work routines
and so on check to see whether there's an open TTY device before doing
anything else?

Alan Stern

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ