lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sun, 10 Apr 2022 03:51:39 +0300
From:   Grigory Vasilyev <h0tc0d3@...il.com>
To:     Christian König <christian.koenig@....com>
Cc:     Simon Ser <contact@...rsion.fr>,
        Bas Nieuwenhuizen <bas@...nieuwenhuizen.nl>,
        Rodrigo Siqueira <Rodrigo.Siqueira@....com>,
        Melissa Wen <mwen@...lia.com>,
        Alex Deucher <alexander.deucher@....com>,
        "Pan, Xinhui" <Xinhui.Pan@....com>,
        David Airlie <airlied@...ux.ie>,
        Daniel Vetter <daniel@...ll.ch>,
        Michel Dänzer <mdaenzer@...hat.com>,
        Evan Quan <evan.quan@....com>,
        Sean Paul <seanpaul@...omium.org>,
        Qingqing Zhuo <qingqing.zhuo@....com>,
        amd-gfx mailing list <amd-gfx@...ts.freedesktop.org>,
        ML dri-devel <dri-devel@...ts.freedesktop.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] drm/amdgpu: Fix NULL pointer dereference

Christian König, Simon Ser In fact, the code looks strange, we return
the return code, but for some reason we also write false and 0. In my
opinion, the caller should do this.
Of course, you are right, but I look from the position that nothing
should fall in the user system. There may be strange errors that occur
periodically under certain conditions and do not affect developers.
Also, the user will not always be able to correctly write a bug report.

Regards, Grigory.

пт, 8 апр. 2022 г. в 17:30, Christian König <christian.koenig@....com>:
>
> Am 08.04.22 um 15:21 schrieb Grigory Vasilyev:
> > Simon Ser and Bas Nieuwenhuizen, do you understand that you are
> > proposing to make the code less safe in the future? In the future,
> > someone might rewrite the code and we'll get an error.
>
> Which is perfectly fine.
>
> See error handling is to handle userspace or hardware errors and *not*
> coding errors.
>
> Testing all pointers for NULL without any reason is not defensive, but
> rather the exactly opposite since it helps hiding real bugs.
>
> Regards,
> Christian.
>
> >
> > пт, 8 апр. 2022 г. в 14:48, Simon Ser <contact@...rsion.fr>:
> >> On Friday, April 8th, 2022 at 13:28, Bas Nieuwenhuizen <bas@...nieuwenhuizen.nl> wrote:
> >>
> >>> On Fri, Apr 8, 2022 at 12:01 PM Simon Ser contact@...rsion.fr wrote:
> >>>
> >>>> Is amdgpu_display_get_fb_info ever called with NULL tiling_flags/tmz_surface?
> >>>> If not, there's no point in adding NULL checks.
> >>> It isn't called with NULL anywhere, the NULL checks that already exist
> >>> seem redundant.
> >> Grigory, would be be willing to submit a v2 which removes the unnecessary
> >> NULL checks?
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ