| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ae60b19d-aef8-7822-0837-b995f796c2da@gmail.com> Date: Sat, 6 Nov 2021 15:45:55 +0300 From: Pavel Skripkin <paskripkin@...il.com> To: Ajay Garg <ajaygargnsit@...il.com> Cc: linux-serial@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2] tty: vt: keyboard: initialize "kbs" so that kfree(kbs) runs fine even if kbs is not kmalloced. On 11/6/21 15:16, Ajay Garg wrote: > Hi Pavel, > > Thanks for the review. > >> >> Please, don't put change log into commit message. It should go under --- >> > > Ok, many thanks Pavel. > Will take care in all my future patches. > > >> >> These is only one caller of vt_do_kdgkb_ioctl, which simple does: >> >> >> case KDGKBSENT: >> case KDSKBSENT: >> return vt_do_kdgkb_ioctl(cmd, up, perm); >> >> It means, that cmd can not be different from KDGKBSENT and KDSKBSENT. >> >> I guess, you found this "issue" via static analysis tool like smatch or >> smth similar, but this bug is impossible right now. >> > > Yes, following was reported by smatch (amongst others) : > vt_do_kdgkb_ioctl() error: uninitialized symbol 'kbs'. > > > Regarding the current state, "vt_do_kdgkb_ioctl" should ideally behave > correctly independently, without bothering whether a cmd is a valid > one. From that perspective, it makes sense to ensure that kfree never > crashes. > > However, I don't have any strong opinions on what is right or what is > wrong, as long as things work fine. > > So, if there is a general consensus that the change should not be made > currently, I would be ok. > In case the change should be made, kindly let me know, I will post the > v3 patch (making change as per the review-comment of moving changelog > below ---). > > I can't say if it needed or not, since I am not the maintainer. I've just said my thoughts on this change. It looks like you missed all maintainers emails in your CC list :) └──$ ./scripts/get_maintainer.pl -f drivers/tty/vt/keyboard.c Greg Kroah-Hartman <gregkh@...uxfoundation.org> (supporter:TTY LAYER,commit_signer:10/10=100%,authored:2/10=20%,added_lines:31/66=47%,removed_lines:31/59=53%) Jiri Slaby <jirislaby@...nel.org> (supporter:TTY LAYER,commit_signer:6/10=60%,authored:3/10=30%,added_lines:14/66=21%,removed_lines:4/59=7%) Andy Shevchenko <andriy.shevchenko@...ux.intel.com> (commit_signer:4/10=40%,authored:4/10=40%,added_lines:18/66=27%,removed_lines:21/59=36%) Emil Renner Berthing <kernel@...il.dk> (commit_signer:1/10=10%,authored:1/10=10%,removed_lines:3/59=5%) linux-kernel@...r.kernel.org (open list) This is the list of people you need to send patches to. Please, use this script next time to not miss people related to your change :) The same for your other patch. With regards, Pavel Skripkin
Powered by blists - more mailing lists