Message-ID: <20200318110108.GA2305113@kroah.com>
Date: Wed, 18 Mar 2020 12:01:08 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Xiyu Yang <xiyuyang19@...an.edu.cn>
Cc: Arnd Bergmann <arnd@...db.de>, Vishnu DASA <vdasa@...are.com>,
Xin Tan <tanxin.ctf@...il.com>,
Allison Randal <allison@...utok.net>,
Thomas Gleixner <tglx@...utronix.de>,
linux-kernel@...r.kernel.org, yuanxzhang@...an.edu.cn, kjlu@....edu
Subject: Re: [PATCH] VMCI: Fix potential NULL pointer dereference when
acquire a lock

On Tue, Mar 17, 2020 at 12:36:47AM +0800, Xiyu Yang wrote:
> A NULL pointer can be returned by vmci_ctx_get(). Thus add a
> corresponding check so that a NULL pointer dereference will
> be avoided when acquiring a lock in spin_lock.
>
> Signed-off-by: Xiyu Yang <xiyuyang19@...an.edu.cn>
> Signed-off-by: Xin Tan <tanxin.ctf@...il.com>
> ---
> drivers/misc/vmw_vmci/vmci_context.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/misc/vmw_vmci/vmci_context.c b/drivers/misc/vmw_vmci/vmci_context.c
> index 16695366ec92..a20878fba374 100644
> --- a/drivers/misc/vmw_vmci/vmci_context.c
> +++ b/drivers/misc/vmw_vmci/vmci_context.c
> @@ -898,6 +898,8 @@ void vmci_ctx_rcv_notifications_release(u32 context_id,
> bool success)
> {
> struct vmci_ctx *context = vmci_ctx_get(context_id);
> + if (context == NULL)
> + return;
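
Review bot: The added `if (context == NULL)` sits directly under the `struct vmci_ctx *context = vmci_ctx_get(context_id);` declaration with no blank line separating declarations from statements, and kernel coding style writes this test as `if (!context)`. Suggest a blank line after the declaration, then `if (!context)` followed by `return;`. The commit message states only that vmci_ctx_get() can return NULL; it should also say how vmci_ctx_rcv_notifications_release() can be reached with a context_id whose context is no longer present, so a reader can judge whether silently returning is the right handling.
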
But, if you look at the code, context_id is guaranteed to point to a
valid context, right? Or can this somehow get dropped between the last
"get" and this one?

Anyway, the coding style is wrong here, always run checkpatch.pl on your
patches please.

thanks,

greg k-h