lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140518162253.GM15585@mwanda>
Date:	Sun, 18 May 2014 19:22:53 +0300
From:	Dan Carpenter <dan.carpenter@...cle.com>
To:	Rickard Strandqvist <rickard_strandqvist@...ctrumdigital.se>
Cc:	devel@...verdev.osuosl.org,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	linux-kernel@...r.kernel.org, Masood Mehmood <ody.guru@...il.com>
Subject: Re: [PATCH] Fix for possible null pointer dereference in node.c

On Sun, May 18, 2014 at 05:49:52PM +0200, Rickard Strandqvist wrote:
> Hi
> 
> When I run cppcheck find the about 5,000 errors, of these, I selected
> the 100 most serious and has made patches. But my ability to immerse
> myself in each failure has been limited unfortunately.
> 

I am familiar with that feeling.  ;)

With Smatch, I ignore inconsistent NULL checking like this when we know
that the parameter is always non-NULL.  It was just too much hassle to
deal with.

These days I tend to report more bugs instead of fixing them myself.  I
run on linux-next and complain to the original author as soon as the
buggy code is merged.  If the code is old, then my experience is that no
one will fix it.

Also 5000 inconsistent NULL checks seems like too high of a figure.  For
my inconsistent NULL checks I get 215 of these warnings:

	sound/i2c/other/ak4xxx-adda.c:808 build_adc_controls()
	error: we previously assumed 'ak->adc_info' could be null (see line 789)

And 75 of these:

	fs/efs/inode.c:298 efs_map_block()
	warn: variable dereferenced before check 'bh' (see line 292)

regards,
dan carpenter

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ