| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Jan 2023 23:00:45 +0200
From: Andy Shevchenko <andy.shevchenko@...il.com>
To: Alexey Khoroshilov <khoroshilov@...ras.ru>
Cc: Anastasia Belova <abelova@...ralinux.ru>,
Tomasz Duszynski <tomasz.duszynski@...akon.com>,
Lars-Peter Clausen <lars@...afoo.de>,
lvc-project@...uxtesting.org, linux-iio@...r.kernel.org,
linux-kernel@...r.kernel.org, Jonathan Cameron <jic23@...nel.org>
Subject: Re: [lvc-project] [PATCH] iio: chemical: scd30: Add check for NULL in scd30_i2c_command
On Fri, Jan 13, 2023 at 9:27 PM Alexey Khoroshilov
<khoroshilov@...ras.ru> wrote:
> On 13.01.2023 21:47, Andy Shevchenko wrote:
> > On Fri, Jan 13, 2023 at 8:41 PM Alexey Khoroshilov
> > <khoroshilov@...ras.ru> wrote:
> >> On 13.01.2023 16:33, Anastasia Belova wrote:
> >
> >> It seems it is better to put the whole validation loop under if (rsp)
> >> check.
> >
> > No. The entire patch is redundant.
> > The code that calls this function is under the control of the same
> > driver, so we know how to avoid shooting in our foot.
>
> I see, there is an assumption that response is NULL iff size is zero.
Yes. ->read() is called with (NULL, 0) and the code copes with this.
A similar situation was discussed recently and Linus T. rejected a
proposed change in vsnprintf().
> May be it could be documented, because naming of arguments does not make
> such assumption obvious for fresh readers.
Documentation improvements are always appreciated!
--
With Best Regards,
Andy Shevchenko
Powered by blists - more mailing lists