| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <c2ac0349b818d3f3787b939d5eb83e3c80fc205d.1467772840.git.viresh.kumar@linaro.org> Date: Tue, 5 Jul 2016 19:57:06 -0700 From: Viresh Kumar <viresh.kumar@...aro.org> To: Wolfram Sang <wsa@...-dreams.de>, Jean Delvare <jdelvare@...e.com> Cc: linux-i2c@...r.kernel.org, linux-kernel@...r.kernel.org, gregkh@...uxfoundation.org, Johan Hovold <johan@...nel.org>, Alex Elder <elder@...aro.org>, Viresh Kumar <viresh.kumar@...aro.org> Subject: [PATCH 1/2] i2c-dev: don't get i2c adapter via i2c_dev There is no code protecting i2c_dev to be freed after it is returned from i2c_dev_get_by_minor() and using it to access the value which we already have (minor) isn't safe really. Avoid using it and get the adapter directly from 'minor'. Signed-off-by: Viresh Kumar <viresh.kumar@...aro.org> --- drivers/i2c/i2c-dev.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/drivers/i2c/i2c-dev.c b/drivers/i2c/i2c-dev.c index 6ecfd76270f2..66f323fd3982 100644 --- a/drivers/i2c/i2c-dev.c +++ b/drivers/i2c/i2c-dev.c @@ -485,13 +485,8 @@ static int i2cdev_open(struct inode *inode, struct file *file) unsigned int minor = iminor(inode); struct i2c_client *client; struct i2c_adapter *adap; - struct i2c_dev *i2c_dev; - - i2c_dev = i2c_dev_get_by_minor(minor); - if (!i2c_dev) - return -ENODEV; - adap = i2c_get_adapter(i2c_dev->adap->nr); + adap = i2c_get_adapter(minor); if (!adap) return -ENODEV; -- 2.7.4
Powered by blists - more mailing lists