| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y8VrhNe/g6OGMEUg@casper.infradead.org>
Date: Mon, 16 Jan 2023 15:21:40 +0000
From: Matthew Wilcox <willy@...radead.org>
To: David Hildenbrand <david@...hat.com>
Cc: Екатерина Есина
<eesina@...ralinux.ru>, Mike Kravetz <mike.kravetz@...cle.com>,
Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, lvc-project@...uxtesting.org
Subject: Re: [PATCH mm] mm: hugetlb: Add checks for NULL for vma returned
from find_vma. find_vma may return NULL, that's why its return value is
usually checked for NULL.
On Mon, Jan 16, 2023 at 04:12:48PM +0100, David Hildenbrand wrote:
> On 16.01.23 16:10, Екатерина Есина wrote:
> > Sorry, I've noticed that I'd sent the patch without description and sent
> > version 2.
> > Function find_vma may return NULL, that's why its return value is
> > usually checked for NULL. In this case vma and its fields also should be
> > checked before dereferencing to avoid NULL pointer dereference
>
> Thanks, but again
>
> What are the symptoms? How exactly does this BUG manifest?
>
> For example, does the kernel crash, and if so, how can it be triggered?
SVACE is a static analyser. It's not very good, but the people who run
it are extremely persistent about submitting patches based solely on the
output of the tool and doing no human checks of their own. Probably best
to just ignore them, or NACK them.
Powered by blists - more mailing lists