| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 2 Jan 2022 18:47:27 +0100
From: Dominik Brodowski <linux@...inikbrodowski.net>
To: Zhou Qingyang <zhou1615@....edu>
Cc: kjlu@....edu, Lee Jones <lee.jones@...aro.org>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference
in nonstatic_find_mem_region()
Am Wed, Dec 01, 2021 at 02:11:40AM +0800 schrieb Zhou Qingyang:
> In nonstatic_find_mem_region(), pcmcia_make_resource() is assigned to
> res and used in pci_bus_alloc_resource(). There a dereference of res
> in pci_bus_alloc_resource(), which could lead to a NULL pointer
> dereference on failure of pcmcia_make_resource().
>
> Fix this bug by adding a check of res.
>
> This bug was found by a static analyzer. The analysis employs
> differential checking to identify inconsistent security operations
> (e.g., checks or kfrees) between two code paths and confirms that the
> inconsistent operations are not recovered in the current function or
> the callers, so they constitute bugs.
>
> Note that, as a bug found by static analysis, it can be a false
> positive or hard to trigger. Multiple researchers have cross-reviewed
> the bug.
>
> Builds with CONFIG_PCCARD_NONSTATIC=y show no new warnings,
> and our static analyzer no longer warns about this code.
>
> Fixes: 49b1153adfe1 ("pcmcia: move all pcmcia_resource_ops providers into one module")
> Signed-off-by: Zhou Qingyang <zhou1615@....edu>
Same caveat as before, but applied nonetheless.
Thanks,
Dominik
Powered by blists - more mailing lists