lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 28 Oct 2021 02:20:33 +0000 From: YE Chengfeng <cyeaa@...nect.ust.hk> To: Zhou Wang <wangzhou1@...ilicon.com>, "herbert@...dor.apana.org.au" <herbert@...dor.apana.org.au>, "davem@...emloft.net" <davem@...emloft.net> CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: 回复: drivers/crypto: suspected missing null check in hisi_qm_pre_init Got it. Thanks for your reply. Best regards, Chengfeng -----邮件原件----- 发件人: Zhou Wang <wangzhou1@...ilicon.com> 发送时间: 2021年10月28日 9:24 收件人: YE Chengfeng <cyeaa@...nect.ust.hk>; herbert@...dor.apana.org.au; davem@...emloft.net 抄送: linux-kernel@...r.kernel.org 主题: Re: drivers/crypto: suspected missing null check in hisi_qm_pre_init > Hi, > > https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgith > ub.com%2Ftorvalds%2Flinux%2Fblob%2Fmaster%2Fdrivers%2Fcrypto%2Fhisilic > on%2Fqm.c%23L3286&data=04%7C01%7Ccyeaa%40connect.ust.hk%7C98c99b9b > 25084a3fac8d08d999b1a9cb%7C6c1d415239d044ca88d9b8d6ddca0708%7C1%7C0%7C > 637709810602673947%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjo > iV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=e3p0PP1tp%2BA > %2BrUALUgrowuYEZT3L21WoQBqfAn5iKac%3D&reserved=0 > > We notice that at #line 3286, the return pointer of ACPI_COMPANION is not null-checked, and then it's dereferenced in acpi_device_power_manageable. Seems that it could be a potential null-pointer-dereference issue. > > This is detected by our experimental static analysis tool, it could be false positive, so we manually check and report those we think may be true bugs. Would you like to have a look at them? If it's real bug, we could like to provide patch to ease your workflow. Hi Chengfeng, It will reture NULL when ACPI is disabled, however this driver deponds on ACPI, which is already set in Kconfig. So no need do null-checked here. Thanks, Zhou > > Thanks so much, > Chengfeng > . >
Powered by blists - more mailing lists