| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230310065546.22948-1-lengxujun2007@126.com>
Date: Fri, 10 Mar 2023 14:55:46 +0800
From: Xujun Leng <lengxujun2007@....com>
To: gregkh@...uxfoundation.org
Cc: lengxujun2007@....com, linux-kernel@...r.kernel.org,
rafael@...nel.org
Subject: Re: [PATCH] driver core: platform: added arguments check for platform_device_add_resources()
> On Tue, Mar 07, 2023 at 01:01:16PM +0800, Xujun Leng wrote:
> > In the follow two cases, platform_device_add_resources() can lead an
> > invalid address access:
> > 1) If (!res && num > 0), pdev->resource will be set to NULL but
> > pdev->num_resources > 0, then a later platform_get_resource() will
> > cause invalid address access.
> > 2) If (res && num == 0), because num == 0 cause kmalloc_slab() returns
> > ZERO_SIZE_PTR, then kmemdup() will copy data to the invalid address
> > ZERO_SIZE_PTR.
> >
> > Signed-off-by: Xujun Leng <lengxujun2007@....com>
> > ---
> > drivers/base/platform.c | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/drivers/base/platform.c b/drivers/base/platform.c
> > index 77510e4f47de..a060941c3076 100644
> > --- a/drivers/base/platform.c
> > +++ b/drivers/base/platform.c
> > @@ -606,6 +606,9 @@ int platform_device_add_resources(struct platform_device *pdev,
> > {
> > struct resource *r = NULL;
> >
> > + if ((!res && num > 0) || (res && num == 0))
> > + return -EINVAL;
>
> What driver is causing this check to fail today? Shouldn't that be
> fixed instead?
Ok, I got it. It's the caller's responsibility to take care about that.
--
Thanks,
Xujun Leng
Powered by blists - more mailing lists