lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20191228134824.GX25745@shell.armlinux.org.uk>
Date:   Sat, 28 Dec 2019 13:48:24 +0000
From:   Russell King - ARM Linux admin <linux@...linux.org.uk>
To:     Gen Zhang <blackgod016574@...il.com>
Cc:     bgolaszewski@...libre.com, nsekhar@...com,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH] board-dm644x-evm: fix 2 missing-check bugs in
 evm_led_setup()

On Sat, Dec 28, 2019 at 09:19:30PM +0800, Gen Zhang wrote:
> On Fri, Dec 27, 2019 at 04:01:42PM +0000, Russell King - ARM Linux admin wrote:
> > On Fri, Dec 27, 2019 at 10:39:21AM +0800, Gen Zhang wrote:
> > > In evm_led_setup(), the allocation result of platform_device_alloc() and 
> > > platform_device_add_data() should be checked.
> > > 
> > > Signed-off-by: Gen Zhang <blackgod016574@...il.com>
> > > ---
> > > diff --git a/arch/arm/mach-davinci/board-dm644x-evm.c b/arch/arm/mach-davinci/board-dm644x-evm.c
> > > index 9d87d4e..9cd2785 100644
> > > --- a/arch/arm/mach-davinci/board-dm644x-evm.c
> > > +++ b/arch/arm/mach-davinci/board-dm644x-evm.c
> > > @@ -352,15 +352,20 @@ evm_led_setup(struct i2c_client *client, int gpio, unsigned ngpio, void *c)
> > >  	 * device unregistration ...
> > >  	 */
> > >  	evm_led_dev = platform_device_alloc("leds-gpio", 0);
> > > -	platform_device_add_data(evm_led_dev,
> > > +	if (!evm_led_dev)
> > > +		return -ENOMEM;
> > > +	status = platform_device_add_data(evm_led_dev,
> > >  			&evm_led_data, sizeof evm_led_data);
> > > +	if (status)
> > > +		goto err;
> > >  
> > >  	evm_led_dev->dev.parent = &client->dev;
> > >  	status = platform_device_add(evm_led_dev);
> > > -	if (status < 0) {
> > > -		platform_device_put(evm_led_dev);
> > > -		evm_led_dev = NULL;
> > > -	}
> > > +	if (status)
> > > +		goto err;
> > > +err:
> > > +	platform_device_put(evm_led_dev);
> > > +	evm_led_dev = NULL;
> > 
> > Please look again at the above change very closely. You will want to
> > send an updated patch.
> > 
> > -- 
> > RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
> > FTTC broadband for 0.8mile line in suburbia: sync at 12.1Mbps down 622kbps up
> > According to speedtest.net: 11.9Mbps down 500kbps up
> 
> Thanks for your reply. You mean the if (state < 0 ) to if (state) or
> anything else? Please point out directly.

This is the old everything-successful path through the code:

	platform_device_alloc()
	platform_device_add_data()
	platform_device_add()
	evm_led_dev is set to the device

This is the new everything-successful path through the code:

	platform_device_alloc()
	platform_device_add_data()
	platform_device_add()
	platform_device_put()
	evm_led_dev = NULL

And, specifically, the code sequence (I quote from your patch):

	if (status)
		goto err;
err:

is very stupid; it might as well not exist at all.

Since other code references evm_led_dev, one can assume that we do
not want it to be NULL for the success path. So, taking all this
together, your patch is very very wrong, and I also find it very
worrying too.

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTC broadband for 0.8mile line in suburbia: sync at 12.1Mbps down 622kbps up
According to speedtest.net: 11.9Mbps down 500kbps up

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ