| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Oct 2021 08:24:33 +0900
From: Damien Le Moal <damien.lemoal@...nsource.wdc.com>
To: YE Chengfeng <cyeaa@...nect.ust.hk>
Cc: "linux-ide@...r.kernel.org" <linux-ide@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: Potential null-pointer-dereference problem due to missing
null-checking for ata_timing_find_mode
On 2021/10/25 3:08, YE Chengfeng wrote:
> Hi,
>
> I found that the function *ata_timing_find_mode *could return a null pointer in
> some situattions, but some call sites of this function don't check whether the
> return value is a null pointer. Could it be a potential null-pointer-dereference
> problem?
> https://github.com/torvalds/linux/blob/master/drivers/ata/pata_acpi.c#L145
> <https://github.com/torvalds/linux/blob/master/drivers/ata/pata_acpi.c#L145>
> <https://github.com/torvalds/linux/blob/master/drivers/ata/pata_acpi.c#L145>
>
> linux/pata_acpi.c at master · torvalds/linux
> <https://github.com/torvalds/linux/blob/master/drivers/ata/pata_acpi.c#L145>
> Linux kernel source tree. Contribute to torvalds/linux development by creating
> an account on GitHub.
> github.com
>
>
>
> Best Regards,
> - Chengfeng
The ata_timing array last element is 0xff, which is the initial value of pio/dma
mode. So an entry will always be returned. I do not think the NULL return ever
triggers.
--
Damien Le Moal
Western Digital Research
Powered by blists - more mailing lists