Date:	Fri, 20 Jan 2012 09:00:38 -0800
From:	Stephen Warren <swarren@...dia.com>
To:	Tony Lindgren <tony@...mide.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
CC:	Linus Walleij <linus.walleij@...ricsson.com>,
	Barry Song <21cnbao@...il.com>,
	Haojian Zhuang <haojian.zhuang@...vell.com>,
	Grant Likely <grant.likely@...retlab.ca>,
	Thomas Abraham <thomas.abraham@...aro.org>,
	Rajendra Nayak <rajendra.nayak@...aro.org>,
	Dong Aisheng <dong.aisheng@...aro.org>,
	Shawn Guo <shawn.guo@...escale.com>
Subject: RE: [PATCH 3/4] pinctrl: Add checks for empty names in
 pinmux_search_function

Tony Lindgren wrote at Friday, January 20, 2012 9:18 AM:
> Otherwise we can get the following when dealing with
> buggy data in a pinmux driver:
> 
> Unable to handle kernel NULL pointer dereference at virtual address 00000000

> diff --git a/drivers/pinctrl/pinmux.c b/drivers/pinctrl/pinmux.c
> index 06b8943..ffe633d 100644
> --- a/drivers/pinctrl/pinmux.c
> +++ b/drivers/pinctrl/pinmux.c
> @@ -584,6 +584,13 @@ static int pinmux_search_function(struct pinctrl_dev *pctldev,
>  							   selector);
>  		int ret;
> 
> +		if (!fname) {
> +			pr_warning("no name for function%i\n",
> +				   selector);
> +			selector++;
> +			continue;
> +		}
> +
>  		if (!strcmp(map->function, fname)) {
>  			/* Found the function, check pin group */
>  			ret = pinmux_check_pin_group(pctldev, selector,
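
Review bot: In the added "if (!fname)" block, the manual "selector++" ahead of "continue" suggests the loop advances the selector at the bottom of its body, so the skip path now carries its own copy of the increment, and any later change to how the loop steps has to be made in both places. Restructuring so the skip falls through to a single increment would be less fragile. The warning text "no name for function%i" runs the word and the number together and does not say which pin controller supplied the bad data, so including the device name would make it actionable. The check also covers only fname, while map->function is passed to the same strcmp() and is not validated anywhere in the lines shown.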

Shouldn't this be BUG_ON(!fname)?

There are lots of other places that pmxops->get_function_name() is
called. Wouldn't it be better to enhance e.g. pinmux_check_ops() to
validate that all functions have a name during pinctrl registration?

-- 
nvpublic
