lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAFo99gaP-BiDi7A+O7a2rQqEpO0XMMO+Wgm7hdV=dMAy-QTzbw@mail.gmail.com>
Date:	Tue, 20 May 2014 23:20:01 +0200
From:	Rickard Strandqvist <rickard_strandqvist@...ctrumdigital.se>
To:	Oliver Neukum <oneukum@...e.de>
Cc:	Guennadi Liakhovetski <g.liakhovetski@....de>,
	Ali Akcaagac <aliakc@....de>,
	Jamie Lenehan <lenehan@...bble.org>,
	"James E.J. Bottomley" <JBottomley@...allels.com>,
	dc395x@...bble.org, linux-scsi@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] scsi: dc395x.c: Fix for possible null pointer dereference

Okay, good!
Or, do I need to do anything else :-)

Best regards
Rickard Strandqvist


2014-05-19 13:39 GMT+02:00 Oliver Neukum <oneukum@...e.de>:
> On Sun, 2014-05-18 at 21:50 +0200, Guennadi Liakhovetski wrote:
>> On Sun, 18 May 2014, Rickard Strandqvist wrote:
>>
>> > There is otherwise a risk of a possible null pointer dereference.
>> >
>> > Was largely found by using a static code analysis program called cppcheck.
>> >
>> > Signed-off-by: Rickard Strandqvist <rickard_strandqvist@...ctrumdigital.se>
>> > ---
>> >  drivers/scsi/dc395x.c |    2 +-
>> >  1 file changed, 1 insertion(+), 1 deletion(-)
>> >
>> > diff --git a/drivers/scsi/dc395x.c b/drivers/scsi/dc395x.c
>> > index 83d9bf6..0d86bc7 100644
>> > --- a/drivers/scsi/dc395x.c
>> > +++ b/drivers/scsi/dc395x.c
>> > @@ -2637,7 +2637,7 @@ static struct ScsiReqBlk *msgin_qtag(struct AdapterCtlBlk *acb,
>> >     struct ScsiReqBlk *srb = NULL;
>> >     struct ScsiReqBlk *i;
>> >     dprintkdbg(DBG_0, "msgin_qtag: (0x%p) tag=%i srb=%p\n",
>> > -              srb->cmd, tag, srb);
>> > +              srb ? srb->cmd : 0, tag, srb);
>>
>> There's not just a risk, it is a NULL-pointer dereference, so, just remove
>> it, e.g. like
>
> Indeed. Thank you both for catching this.
>
>         Regards
>                 Oliver
>
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ