lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Mar 2017 11:46:23 +0000 From: Ben Hutchings <ben@...adent.org.uk> To: linux-kernel@...r.kernel.org, stable@...r.kernel.org CC: akpm@...ux-foundation.org, "Marc Kleine-Budde" <mkl@...gutronix.de>, "Einar Jón" <tolvupostur@...il.com> Subject: [PATCH 3.16 233/370] can: c_can_pci: fix null-pointer-deref in c_can_start() - set device pointer 3.16.42-rc1 review patch. If anyone has any objections, please let me know. ------------------ From: Einar Jón <tolvupostur@...il.com> commit c97c52be78b8463ac5407f1cf1f22f8f6cf93a37 upstream. The priv->device pointer for c_can_pci is never set, but it is used without a NULL check in c_can_start(). Setting it in c_can_pci_probe() like c_can_plat_probe() prevents c_can_pci.ko from crashing, with and without CONFIG_PM. This might also cause the pm_runtime_*() functions in c_can.c to actually be executed for c_can_pci devices - they are the only other place where priv->device is used, but they all contain a null check. Signed-off-by: Einar Jón <tolvupostur@...il.com> Signed-off-by: Marc Kleine-Budde <mkl@...gutronix.de> Signed-off-by: Ben Hutchings <ben@...adent.org.uk> --- drivers/net/can/c_can/c_can_pci.c | 1 + 1 file changed, 1 insertion(+) --- a/drivers/net/can/c_can/c_can_pci.c +++ b/drivers/net/can/c_can/c_can_pci.c @@ -161,6 +161,7 @@ static int c_can_pci_probe(struct pci_de dev->irq = pdev->irq; priv->base = addr; + priv->device = &pdev->dev; if (!c_can_pci_data->freq) { dev_err(&pdev->dev, "no clock frequency defined\n");
Powered by blists - more mailing lists