| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YdVuv9ZvYmmW1nQX@lahna>
Date: Wed, 5 Jan 2022 12:11:11 +0200
From: Mika Westerberg <mika.westerberg@...ux.intel.com>
To: Jiasheng Jiang <jiasheng@...as.ac.cn>
Cc: andreas.noever@...il.com, michael.jamet@...el.com,
YehezkelShB@...il.com, linux-usb@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: Re: [PATCH] thunderbolt: Check for null pointer after calling
kmemdup
On Wed, Jan 05, 2022 at 04:53:07PM +0800, Jiasheng Jiang wrote:
> On Wed, Jan 05, 2022 at 03:30:47PM +0800, Mika Westerberg wrote:
> > This is doing two things so I suggest sending two patches instead.
>
> Fine, I have already sent the patch for icm_handle_event() independently.
Thanks!
> > However, for the UUID part, I think it works fine if we get NULL (and I
> > think kmemdup() issues warning too).
> >
> > There are probably not needed either since the "fix" here is for pretty
> > rare case of running out of memory. I think there is not even a NULL
> > pointer dereference because UUID is optional.
>
> As for icm_icl_set_uuid(), I think the check for kmemdup() is needed.
> Because users need to know that icm_start() fails, or they will be puzzled
> why the uuid is unsetted.
> So at least it is a cleanup.
> if so, I would like to send patch for icm_icl_set_uuid() without fixes tag.
I don't think icm_start() actually fails because if this. If the UUID is
not set tb_switch_add() will look it up from the host router vendor area
then.
We can log a warning or something like that (but I think that's already
done in kmemdup()).
Powered by blists - more mailing lists