lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <alpine.LRH.2.21.2004021623270.21551@localhost>
Date:   Thu, 2 Apr 2020 16:24:10 +0100 (BST)
From:   Alan Maguire <alan.maguire@...cle.com>
To:     Colin King <colin.king@...onical.com>
cc:     Brendan Higgins <brendanhiggins@...gle.com>,
        Frank Rowand <frank.rowand@...y.com>,
        Shuah Khan <skhan@...uxfoundation.org>,
        Alan Maguire <alan.maguire@...cle.com>,
        linux-kselftest@...r.kernel.org, kunit-dev@...glegroups.com,
        kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH][next] kunit: fix dereference of suite before it has been
 null checked

On Thu, 2 Apr 2020, Colin King wrote:

> From: Colin Ian King <colin.king@...onical.com>
> 
> Currently pointer 'suite' is dereferenced when variable success
> is being initialized before the pointer is null checked. Fix this
> by only dereferencing suite after is has been null checked.
> 
> Addresses-Coverity: ("Dereference before null check")
> Fixes: e2219db280e3 ("kunit: add debugfs /sys/kernel/debug/kunit/<suite>/results display")
> Signed-off-by: Colin Ian King <colin.king@...onical.com>

Reviewed-by: Alan Maguire <alan.maguire@...cle.com>

Thanks for spotting this!

Alan

> ---
>  lib/kunit/debugfs.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/lib/kunit/debugfs.c b/lib/kunit/debugfs.c
> index 9214c493d8b7..05547642f37c 100644
> --- a/lib/kunit/debugfs.c
> +++ b/lib/kunit/debugfs.c
> @@ -52,12 +52,13 @@ static void debugfs_print_result(struct seq_file *seq,
>  static int debugfs_print_results(struct seq_file *seq, void *v)
>  {
>  	struct kunit_suite *suite = (struct kunit_suite *)seq->private;
> -	bool success = kunit_suite_has_succeeded(suite);
> +	bool success;
>  	struct kunit_case *test_case;
>  
>  	if (!suite || !suite->log)
>  		return 0;
>  
> +	success = kunit_suite_has_succeeded(suite);
>  	seq_printf(seq, "%s", suite->log);
>  
>  	kunit_suite_for_each_test_case(suite, test_case)
> -- 
> 2.25.1
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ