lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20220105085307.2410653-1-jiasheng@iscas.ac.cn>
Date:   Wed,  5 Jan 2022 16:53:07 +0800
From:   Jiasheng Jiang <jiasheng@...as.ac.cn>
To:     mika.westerberg@...ux.intel.com
Cc:     andreas.noever@...il.com, michael.jamet@...el.com,
        YehezkelShB@...il.com, linux-usb@...r.kernel.org,
        linux-kernel@...r.kernel.org, Jiasheng Jiang <jiasheng@...as.ac.cn>
Subject: Re: Re: [PATCH] thunderbolt: Check for null pointer after calling kmemdup

On Wed, Jan 05, 2022 at 03:30:47PM +0800, Mika Westerberg wrote:
> This is doing two things so I suggest sending two patches instead.

Fine, I have already sent the patch for icm_handle_event() independently.

> However, for the UUID part, I think it works fine if we get NULL (and I
> think kmemdup() issues warning too).
>
> There are probably not needed either since the "fix" here is for pretty
> rare case of running out of memory. I think there is not even a NULL
> pointer dereference because UUID is optional.

As for icm_icl_set_uuid(), I think the check for kmemdup() is needed.
Because users need to know that icm_start() fails, or they will be puzzled
why the uuid is unsetted.
So at least it is a cleanup.
if so, I would like to send patch for icm_icl_set_uuid() without fixes tag.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ