| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Oct 2019 09:44:23 +0200
From: Markus Elfring <Markus.Elfring@....de>
To: Navid Emamdoost <emamd001@....edu>, Kangjie Lu <kjlu@....edu>,
Stephen McCamant <smccaman@....edu>
Cc: Navid Emamdoost <navid.emamdoost@...il.com>,
dri-devel@...ts.freedesktop.org, kernel@...gutronix.de,
linux-arm-kernel@...ts.infradead.org, linux-imx@....com,
Daniel Vetter <daniel@...ll.ch>,
David Airlie <airlied@...ux.ie>,
Fabio Estevam <festevam@...il.com>,
Philipp Zabel <p.zabel@...gutronix.de>,
Sascha Hauer <s.hauer@...gutronix.de>,
Shawn Guo <shawnguo@...nel.org>,
LKML <linux-kernel@...r.kernel.org>,
kernel-janitors@...r.kernel.org
Subject: Re: drm/imx: Checking a kmemdup() call in imx_pd_bind()
> I agree with you, kmemdup may fail so a null check seems necessary there.
Would this place (and similar ones) be pointed out for further considerations
also by the source code analysis tool which your software research group
seems to be developing?
https://github.com/umnsec/cheq/
Regards,
Markus
Powered by blists - more mailing lists