Message-ID: <86a7jjvo4y.wl-marc.zyngier@arm.com>
Date:   Tue, 29 Jan 2019 08:55:41 +0000
From:   Marc Zyngier <marc.zyngier@....com>
To:     YueHaibing <yuehaibing@...wei.com>
Cc:     <tglx@...utronix.de>, <jason@...edaemon.net>,
        <marc.w.gonzalez@...e.fr>, <mans@...sr.com>,
        <linux-kernel@...r.kernel.org>,
        <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH -next] irqchip/tango: Fix potential NULL pointer dereference

On Tue, 29 Jan 2019 08:01:22 +0000,
YueHaibing <yuehaibing@...wei.com> wrote:
> 
> There is a potential NULL pointer dereference in case kzalloc()
> fails and returns NULL.
> 
> Fixes: 4bba66899ac6 ("irqchip/tango: Add support for Sigma Designs SMP86xx/SMP87xx interrupt controller")
> Signed-off-by: YueHaibing <yuehaibing@...wei.com>
> ---
>  drivers/irqchip/irq-tango.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/irqchip/irq-tango.c b/drivers/irqchip/irq-tango.c
> index ae28d86..a63b828 100644
> --- a/drivers/irqchip/irq-tango.c
> +++ b/drivers/irqchip/irq-tango.c
> @@ -191,6 +191,8 @@ static int __init tangox_irq_init(void __iomem *base, struct resource *baseres,
>  		panic("%pOFn: failed to get address", node);
>  
>  	chip = kzalloc(sizeof(*chip), GFP_KERNEL);
> +	if (!chip)
> +		return -ENOMEM;
>  	chip->ctl = res.start - baseres->start;
>  	chip->base = base;
>  
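
Review bot: The new `return -ENOMEM` after kzalloc() gives tangox_irq_init() a second error-handling style. The check immediately above it in this hunk calls panic() on failure ("failed to get address"), while the added check returns an error code. Either panic here as well so the function stays consistent, or convert the other failure paths to return errors too and confirm that the caller acts on the return value, which is not visible in this hunk. The commit message would also benefit from naming the dereference being guarded, which is the `chip->ctl` assignment right after the allocation.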

This is a commendable effort, but given that the whole error handling
of this driver is just to simply panic, I have the ugly feeling that
this lack of check is more a feature than a bug... Not that I like it,
but at least it is consistent.

If you're going to change that, I'd recommend you overhaul the whole
thing.

Thanks,

	M.

-- 
Jazz is not dead, it just smell funny.
