lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sun, 24 Apr 2022 14:20:58 +0800
From:   Yang Yingliang <yangyingliang@...wei.com>
To:     Guenter Roeck <linux@...ck-us.net>, <linux-kernel@...r.kernel.org>,
        <linux-hwmon@...r.kernel.org>
CC:     <jdelvare@...e.com>
Subject: Re: [PATCH 00/20] hwmon: check return value after calling
 platform_get_resource()


On 2022/4/24 12:54, Guenter Roeck wrote:
> On 4/23/22 20:35, Yang Yingliang wrote:
>> Hi,
>>
>> On 2022/4/22 21:27, Guenter Roeck wrote:
>>> On 4/22/22 02:11, Yang Yingliang wrote:
>>>> This patcheset add check after calling platform_get_resource to 
>>>> avoid null-ptr-deref
>>>> in drivers/hwmon/.
>>>>
>>>> Yang Yingliang (20):
>>>>    hwmon: (abituguru) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (abituguru3) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (dme1737) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (f71805f) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (f71882fg) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (it87) check return value after calling 
>>>> platform_get_resource()
>>>>    hwmon: (lm78) check return value after calling 
>>>> platform_get_resource()
>>>>    hwmon: (nct6683) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (nct6775) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (sch5627) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (sch5636) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (sis5595) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (smsc47b397) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (smsc47m1) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (via686a) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (vt1211) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (vt8231) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (w83627ehf) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (w83627hf) check return value after calling
>>>>      platform_get_resource()
>>>>    hwmon: (w83781d) check return value after calling
>>>>      platform_get_resource()
>>>>
>>>>   drivers/hwmon/abituguru.c  | 6 +++++-
>>>>   drivers/hwmon/abituguru3.c | 6 +++++-
>>>>   drivers/hwmon/dme1737.c    | 2 ++
>>>>   drivers/hwmon/f71805f.c    | 2 ++
>>>>   drivers/hwmon/f71882fg.c   | 6 +++++-
>>>>   drivers/hwmon/it87.c       | 2 ++
>>>>   drivers/hwmon/lm78.c       | 2 ++
>>>>   drivers/hwmon/nct6683.c    | 2 ++
>>>>   drivers/hwmon/nct6775.c    | 2 ++
>>>>   drivers/hwmon/sch5627.c    | 6 +++++-
>>>>   drivers/hwmon/sch5636.c    | 6 +++++-
>>>>   drivers/hwmon/sis5595.c    | 2 ++
>>>>   drivers/hwmon/smsc47b397.c | 2 ++
>>>>   drivers/hwmon/smsc47m1.c   | 2 ++
>>>>   drivers/hwmon/via686a.c    | 2 ++
>>>>   drivers/hwmon/vt1211.c     | 2 ++
>>>>   drivers/hwmon/vt8231.c     | 2 ++
>>>>   drivers/hwmon/w83627ehf.c  | 2 ++
>>>>   drivers/hwmon/w83627hf.c   | 2 ++
>>>>   drivers/hwmon/w83781d.c    | 2 ++
>>>>   20 files changed, 55 insertions(+), 5 deletions(-)
>>>>
>>>
>>> This series solves a problem which does not exist in reality and is 
>>> only theoretic.
>>> The devices are instantiated from their init functions which always 
>>> adds the resource.
>>> Please do not submit such patches.
>> As you said the resource will be add in init functions, I checked 
>> these drivers, the driver
>> sch5627 and sch5636 won't add resource, so need I send patches to fix 
>> these drivers ?
>>
> You might want to read the code more carefully. The drivers are 
> instantiated
> from drivers/hwmon/sch56xx-common.c which does add the resource.
Yes, it does, thanks for pointing it out.
>
> Guenter
>
> .

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ