lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20220620084949.GG16517@kadam>
Date:   Mon, 20 Jun 2022 11:49:49 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     Souptick Joarder <jrdr.linux@...il.com>
Cc:     martyn@...chs.me.uk, manohar.vanga@...il.com,
        gregkh@...uxfoundation.org, alexandre.belloni@...tlin.com,
        rafael@...nel.org, mathieu.poirier@...aro.org,
        u.kleine-koenig@...gutronix.de, arnd@...db.de,
        linux-kernel@...r.kernel.org, linux-staging@...ts.linux.dev,
        Kernel test robot <lkp@...el.com>
Subject: Re: [PATCH] vme: Added NULL check for bridge

On Sun, Jun 19, 2022 at 12:36:45PM +0530, Souptick Joarder wrote:
> From: "Souptick Joarder (HPE)" <jrdr.linux@...il.com>
> 
> Kernel test robot throws below warning ->
> drivers/staging/vme_user/vme.c:662:20: warning: dereference
> of NULL 'bridge' [CWE-476] [-Wanalyzer-null-dereference]
> 
> Added a NULL check.
> 
> Reported-by: Kernel test robot <lkp@...el.com>
> Signed-off-by: Souptick Joarder (HPE) <jrdr.linux@...il.com>
> ---
>  drivers/staging/vme_user/vme.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/staging/vme_user/vme.c b/drivers/staging/vme_user/vme.c
> index b5555683a069..ede774f2fe5a 100644
> --- a/drivers/staging/vme_user/vme.c
> +++ b/drivers/staging/vme_user/vme.c
> @@ -659,7 +659,7 @@ ssize_t vme_master_read(struct vme_resource *resource, void *buf, size_t count,
>  	struct vme_master_resource *image;
>  	size_t length;
>  
> -	if (!bridge->master_read) {
> +	if (bridge && !bridge->master_read) {

This patch does not help anything.  If "bridge" is NULL here then the
kernel will just crash later in the function.  Smatch complains about it
now:

drivers/staging/vme_user/vme.c:688 vme_master_read() error: we previously assumed 'bridge' could be null (see line 666)

However, I don't believe that bridge can actually be NULL here.  We do
not write code just to silence that static checker false positives.  Fix
the checker instead.

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ