lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <a61be974ef65d00fd22b0216fc0d85c0c226f5e9.camel@infradead.org>
Date:   Tue, 26 Oct 2021 12:29:31 +0200
From:   Amit Shah <amit@...radead.org>
To:     YE Chengfeng <cyeaa@...nect.ust.hk>,
        "amit@...nel.org" <amit@...nel.org>,
        "arnd@...db.de" <arnd@...db.de>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: drivers/char: suspected null-pointer dereference problem in
 handle_control_message

On Tue, 2021-10-26 at 06:17 +0000, YE Chengfeng wrote:
> Hi,
>  
> https://github.com/torvalds/linux/blob/master/drivers/char/virtio_console.c#L1657
>  
> Our experimental static analysis tool detects a suspected null-pointer-dereference problem. We manually check it, but It still could be false positive because we are not familiar with the code. We report this to you just in case.
>  
> We notice that in some branches of switch case at line #1582, the pointer port is null check. But null check is missing at line #1657 and line #1633. It seems like a suspected null-pointer dereference pointer. Would you like to spare some time to have a look at it?

For this NULL deref to happen, the host will have to send a port_name
command before a port_add command.  Worrying about that isn't
worthwhile.  If you'd like to add a generic `if (unlikely(!port))`
after line 1579 there, that'd be fine as a hint to the static analysis
tools, though, so just for that reason, it might be worthwhile.

		Amit

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ