lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 11 Oct 2021 16:12:55 +0200
From:   Lars-Peter Clausen <lars@...afoo.de>
To:     Yang Yingliang <yangyingliang@...wei.com>,
        linux-kernel@...r.kernel.org, linux-iio@...r.kernel.org
Cc:     ars@...afoo.de, jic23@...nel.org, alexandru.ardelean@...log.com,
        andy.shevchenko@...il.com
Subject: Re: [PATCH] iio: core: do not create debugfs when has no dev name

On 10/11/21 3:56 PM, Yang Yingliang wrote:
> I got a null-ptr-deref report when doing fault injection test:
>
> BUG: kernel NULL pointer dereference, address: 0000000000000000
> PGD 0 P4D 0
> Oops: 0000 [#1] SMP KASAN PTI
> RIP: 0010:strlen+0x0/0x20
> Call Trace:
>   start_creating+0x199/0x2f0
>   debugfs_create_dir+0x25/0x430
>   __iio_device_register+0x4da/0x1b40 [industrialio]
>   __devm_iio_device_register+0x22/0x80 [industrialio]
>   max1027_probe+0x639/0x860 [max1027]
>   spi_probe+0x183/0x210
>   really_probe+0x285/0xc30
>
> If dev_set_name() fails, the dev_name() is null, add check for
> device name before creating debugfs.

If dev_set_name() fails, shouldn't we better return an error in 
iio_device_alloc()? Otherwise the device has no name and will show up as 
<null> in sysfs.

>
> Reported-by: Hulk Robot <hulkci@...wei.com>
> Fixes: e553f182d55b ("staging: iio: core: Introduce debugfs support...")
> Signed-off-by: Yang Yingliang <yangyingliang@...wei.com>
> ---
>   drivers/iio/industrialio-core.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/iio/industrialio-core.c b/drivers/iio/industrialio-core.c
> index 2dc837db50f7..8974490ad536 100644
> --- a/drivers/iio/industrialio-core.c
> +++ b/drivers/iio/industrialio-core.c
> @@ -466,7 +466,7 @@ static void iio_device_register_debugfs(struct iio_dev *indio_dev)
>   	if (indio_dev->info->debugfs_reg_access == NULL)
>   		return;
>   
> -	if (!iio_debugfs_dentry)
> +	if (!iio_debugfs_dentry || !dev_name(&indio_dev->dev))
>   		return;
>   
>   	iio_dev_opaque = to_iio_dev_opaque(indio_dev);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ