Message-ID: <1422662484.1891.10.camel@palomino.walls.org>
Date:	Fri, 30 Jan 2015 19:01:24 -0500
From:	Andy Walls <awalls@...metrocast.net>
To:	Valdis.Kletnieks@...edu
Cc:	Dan Carpenter <dan.carpenter@...cle.com>,
	Rickard Strandqvist <rickard_strandqvist@...ctrumdigital.se>,
	devel@...verdev.osuosl.org, Gulsah Kose <gulsah.1004@...il.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Jarod Wilson <jarod@...sonet.com>,
	Mauro Carvalho Chehab <mchehab@....samsung.com>,
	linux-kernel@...r.kernel.org,
	Tuomas Tynkkynen <tuomas.tynkkynen@....fi>,
	Martin Kaiser <martin@...ser.cx>, linux-media@...r.kernel.org,
	Aya Mahfouz <mahfouz.saif.elyazal@...il.com>
Subject: Re: [PATCH] staging: media: lirc: lirc_zilog: Fix for possible null
 pointer dereference

On Fri, 2015-01-30 at 08:09 -0500, Valdis.Kletnieks@...edu wrote:
> On Fri, 30 Jan 2015 16:00:02 +0300, Dan Carpenter said:
> 
> > > > -	if (ir == NULL) {
> > > > -		dev_err(ir->l.dev, "close: no private_data attached to the file
> !\n");
> > >
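
Review bot: In the removed lines, dev_err(ir->l.dev, ...) sits inside the if (ir == NULL) branch, so the message can only be printed by dereferencing the very pointer that was just found to be NULL. Dropping the whole check is correct only if private_data can never be NULL when close() runs; the changelog should state that invariant and where it is established. Otherwise keep the check and log with a call that takes no struct device, such as pr_err(), or use WARN_ON(!ir).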

commit be4aa8157c981a8bb9634b886bf1180f97205259
removed the dprintk(), which didn't depend on ir->l.dev, with this
dev_err() call.  That was the wrong thing to do. pr_info() is probably
the right thing to use, if one doesn't have a struct device instance.  

> > > Yes, the dev_err() call is an obvious thinko.
> > >
> > > However, I'm not sure whether removing it entirely is right either.  If
> > > there *should* be a struct IR * passed there, maybe some other printk()
> > > should be issued, or even a WARN_ON(!ir), or something?
> >
> > We set filep->private_data to non-NULL in open() so I don't think it can
> > be NULL here.
> 
> Then probably the *right* fix is to remove the *entire* if statement, as
> we can't end up doing the 'return -ENODEV'....

The if() clause is here as an artifact of being part of a mass port of
lirc drivers from userspace.  I never removed it, because I needed it
when fixing all the lirc_zilog.c ref counting.

IF I got all the lirc_zilog ref counting right, and the upper layers of
the kernel never call close() in error, then this if() statement is not
needed.

I welcome anyone wishing to audit the ref-counting in lirc_zilog.  It
was mentally exhausting to get to what I think is right.  Maybe I just
tire easily mentally though. :)

-Andy
