lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 29 Nov 2017 18:05:28 +0000
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Joe Perches <joe@...ches.com>
Cc:     SF Markus Elfring <elfring@...rs.sourceforge.net>,
        linux-serial@...r.kernel.org,
        "Guilherme G. Piccoli" <gpiccoli@...ux.vnet.ibm.com>,
        Jiri Slaby <jslaby@...e.com>,
        LKML <linux-kernel@...r.kernel.org>,
        kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] jsm_tty: Fix a possible null pointer dereference in two
 functions

On Wed, Nov 29, 2017 at 09:51:36AM -0800, Joe Perches wrote:
> On Wed, 2017-11-29 at 17:35 +0000, Greg Kroah-Hartman wrote:
> > On Wed, Nov 29, 2017 at 09:23:07AM -0800, Joe Perches wrote:
> > > On Wed, 2017-11-29 at 17:40 +0100, SF Markus Elfring wrote:
> > > > From: Markus Elfring <elfring@...rs.sourceforge.net>
> > > > Date: Wed, 29 Nov 2017 17:30:36 +0100
> > > > 
> > > > Move two debug messages so that a null pointer access can not happen
> > > > for the variable "ch" in these functions.
> > > 
> > > An actual defect fix!
> > 
> > Nope, not at all, this does not "fix" anything.
> 
> Well, I believe it does in unusual cases like a
> CONFIG_DYNAMIC_DEBUG when this is enabled by an
> odd +p in the dynamic debug control file.
> 
> > > Here you could probably cc stable too.
> > 
> > Nope, not worth it.
> 
> <shrug>
> 
> It's pretty unlikely, but it is an actual defect.

No it is not, those variables will never be set to NULL, so this can
never be triggered.  Walk up the call chain.

greg k-h

Powered by blists - more mailing lists