| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2e079a86-9582-b4fd-5e6a-7582e95ce583@canonical.com>
Date: Wed, 2 May 2018 09:46:00 +0100
From: Colin Ian King <colin.king@...onical.com>
To: Niklas Söderlund
<niklas.soderlund+renesas@...natech.se>,
Laurent Pinchart <laurent.pinchart@...asonboard.com>,
Hans Verkuil <hans.verkuil@...co.com>,
Mauro Carvalho Chehab <mchehab@...pensource.com>
Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: re: media: rcar-vin: add group allocator functions
Hi there,
Static analysis with CoverityScan picked up an explicit null pointer
dereference in the the following commit:
commit 3bb4c3bc85bf77a76c921671800bde2e1bf82a88
Author: Niklas Söderlund <niklas.soderlund+renesas@...natech.se>
Date: Sat Apr 14 07:57:18 2018 -0400
media: rcar-vin: add group allocator functions
in:
+static void rvin_group_put(struct rvin_dev *vin)
+{
+ mutex_lock(&vin->group->lock);
+
+ vin->group = NULL;
vin->group is now NULL
+ vin->v4l2_dev.mdev = NULL;
+
+ if (WARN_ON(vin->group->vin[vin->id] != vin))
+ goto out;
vin->group is being dereferenced (null pointer dereference)
+
+ vin->group->vin[vin->id] = NULL;
vin->group is being dereferenced (null pointer dereference)
+out:
+ mutex_unlock(&vin->group->lock);
+
+ kref_put(&vin->group->refcount, rvin_group_release);
+}
So I think this needs fixing up.
Regards,
Colin
Powered by blists - more mailing lists