lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 16 Feb 2019 09:09:14 +0100 (CET)
From:   Julia Lawall <julia.lawall@...6.fr>
To:     wen.yang99@....com.cn
cc:     Markus.Elfring@....de, Gilles Muller <Gilles.Muller@...6.fr>,
        nicolas.palix@...g.fr, michal.lkml@...kovi.net,
        wang.yi59@....com.cn, yamada.masahiro@...ionext.com,
        yellowriver2010@...mail.com, cheng.shengyu@....com.cn,
        cocci@...teme.lip6.fr, linux-kernel@...r.kernel.org,
        kernel-janitors@...r.kernel.org
Subject: Re: [v5] Coccinelle: semantic code search for missing put_device()



On Sat, 16 Feb 2019, wen.yang99@....com.cn wrote:

> >>> Does the first SmPL when specification include the case that a call
> >>> of the function “put_device” can occur within a branch of an if statement?
> >>
> >> It does include that,
> >
> >Thanks for this acknowledgement.
> >
> >So it seems that you find my interpretation of this bit of SmPL code appropriate.
> >
> >> but there is another execution path where the put device is not present.
> >
> >It is tried to find such cases.
> >
> >> But given the test in the if in the when code,
> >> on that execution path id is NULL, an so there is no need to put it.
> >
> >I would like to point out that the function “put_device” belongs also to
> >the category of functions which tolerate the passing of null pointers.
> >https://elixir.bootlin.com/linux/v5.0-rc6/source/drivers/base/core.c#L2053
> >https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/base/core.c?id=cb5b020a8d38f77209d0472a0fea755299a8ec78#n2053
> >
> >Have we got still different software development opinions about the need
> >for an extra pointer check in the “second” SmPL when specification?
>
> Thanks to Julia and Markus.
> We will modify the the if in the when code like this:
>
> @@ -22,7 +22,7 @@ if (id == NULL || ...) { ... return ...; }
>  ... when != put_device(&id->dev)
>      when != platform_device_put(id)
>      when != of_dev_put(id)
> -    when != if (id) { ... put_device(&id->dev) ... }
> +    when != if (...) { ... put_device(&id->dev) ... }

This looks ok.  You can check the old version and the new version and see
if there is any differencein the set of reports.

julia

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ