lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <5ca02484-8a71-4b8c-b679-11ec11b7eef4@kili.mountain>
Date:   Tue, 2 May 2023 16:02:11 +0300
From:   Dan Carpenter <dan.carpenter@...aro.org>
To:     Thomas Zimmermann <tzimmermann@...e.de>
Cc:     oe-kbuild@...ts.linux.dev, Takashi Iwai <tiwai@...e.de>,
        lkp@...el.com, oe-kbuild-all@...ts.linux.dev,
        linux-kernel@...r.kernel.org
Subject: Re: drivers/gpu/drm/udl/udl_main.c:259 udl_get_urb_locked() warn:
 can 'unode' even be NULL?

On Tue, May 02, 2023 at 01:38:11PM +0200, Thomas Zimmermann wrote:
> Hi
> 
> Am 02.05.23 um 13:19 schrieb Dan Carpenter:
> > tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
> > head:   2caeeb9d4a1bccd923b7918427f9e9ef7151ddd8
> > commit: c5c354a3a4728045e1342166394c615d75d45377 drm/udl: Fix inconsistent urbs.count value during udl_free_urb_list()
> > config: parisc-randconfig-m031-20230421 (https://download.01.org/0day-ci/archive/20230423/202304230801.ncoG1XDr-lkp@intel.com/config)
> > compiler: hppa-linux-gcc (GCC) 12.1.0
> > 
> > If you fix the issue, kindly add following tag where applicable
> > | Reported-by: kernel test robot <lkp@...el.com>
> > | Reported-by: Dan Carpenter <error27@...il.com>
> > | Link: https://lore.kernel.org/r/202304230801.ncoG1XDr-lkp@intel.com/
> > 
> > smatch warnings:
> > drivers/gpu/drm/udl/udl_main.c:259 udl_get_urb_locked() warn: can 'unode' even be NULL?
> 
> It can't. Send a fix, if you like. OTOH it's not much of a problem either.
> 

Sure, I sent a patch.  This one is harmless, but we recently had a few
bugs that should have generated bogus NULL check warnings.

CVE-2023-1073: b12fece4c648 ("HID: check empty report_list in hid_validate_values()")
CVE-2023-1075: ffe2a2256244 ("net/tls: tls_is_tx_ready() checked list_entry")
CVE-2023-1077: 7c4a5b89a0b5 ("sched/rt: pick_next_rt_entity(): check list_entry")
CVE-2023-1078: f753a68980cf ("rds: rds_rm_zerocopy_callback() use list_first_entry()")

Although CVE-2023-1073 and CVE-2023-1077 are hard to warn about without
generating too many false positives.

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ