lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 06 Jul 2017 23:35:57 -0500
From:   "Gustavo A. R. Silva" <garsilva@...eddedor.com>
To:     Peter Rosin <peda@...ntia.se>
Cc:     Jonathan Cameron <jic23@...nel.org>,
        Hartmut Knaack <knaack.h@....de>,
        Lars-Peter Clausen <lars@...afoo.de>,
        Peter Meerwald-Stadler <pmeerw@...erw.net>,
        linux-iio@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] iio: multiplexer: add NULL check on devm_kzalloc()
 return value

Hi Peter,

Quoting Peter Rosin <peda@...ntia.se>:

> On 2017-07-07 00:08, Gustavo A. R. Silva wrote:
>> Check return value from call to devm_kzalloc()
>> in order to prevent a NULL pointer dereference.
>
> Right, thanks for finding that one! There's another one inside the
> for loop that is just starting in the context of this patch. Care
> to fix checking the return value of that devm_kmemdup as well?
>

Sure, I'll send a new patch shortly.

> And someone should perhaps teach Coccinelle about devm_kmemdup...
>

Good catch, I just implemented that script.

>> This issue was detected using Coccinelle and the following semantic patch:
>>
>> @@
>> expression x;
>> identifier fld;
>> @@
>>
>> * x = devm_kzalloc(...);
>>   ... when != x == NULL
>>   x->fld
>>
>>
>
> One of these blank lines should perhaps be a "Fixes:" tag?
>

mmm, I don't get this...

> Cheers,
> peda
>
>> Signed-off-by: Gustavo A. R. Silva <garsilva@...eddedor.com>
>> ---
>>  drivers/iio/multiplexer/iio-mux.c | 3 +++
>>  1 file changed, 3 insertions(+)
>>
>> diff --git a/drivers/iio/multiplexer/iio-mux.c  
>> b/drivers/iio/multiplexer/iio-mux.c
>> index 37ba007..a8d672b 100644
>> --- a/drivers/iio/multiplexer/iio-mux.c
>> +++ b/drivers/iio/multiplexer/iio-mux.c
>> @@ -285,6 +285,9 @@ static int mux_configure_channel(struct device  
>> *dev, struct mux *mux,
>>  	child->ext_info_cache = devm_kzalloc(dev,
>>  					     sizeof(*child->ext_info_cache) *
>>  					     num_ext_info, GFP_KERNEL);
>> +	if (!child->ext_info_cache)
>> +		return -ENOMEM;
>> +
>>  	for (i = 0; i < num_ext_info; ++i) {
>>  		child->ext_info_cache[i].size = -1;
>>
>>

Thanks!
--
Gustavo A. R. Silva

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ