lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 17 Jul 2023 14:45:25 +0200
From:   Johan Hovold <johan@...nel.org>
To:     Konrad Dybcio <konrad.dybcio@...aro.org>
Cc:     Robert Foss <rfoss@...nel.org>, Todor Tomov <todor.too@...il.com>,
        Bryan O'Donoghue <bryan.odonoghue@...aro.org>,
        Andy Gross <agross@...nel.org>,
        Bjorn Andersson <andersson@...nel.org>,
        Mauro Carvalho Chehab <mchehab@...nel.org>,
        Marijn Suijten <marijn.suijten@...ainline.org>,
        Yassine Oudjana <y.oudjana@...tonmail.com>,
        linux-media@...r.kernel.org, linux-arm-msm@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] media: camss: Intepret OF graph connections more
 sensibly

On Mon, Jul 17, 2023 at 02:40:05PM +0200, Konrad Dybcio wrote:
> On 17.07.2023 12:48, Johan Hovold wrote:
> > On Sat, Jul 15, 2023 at 05:37:52PM +0200, Konrad Dybcio wrote:

> >> diff --git a/drivers/media/platform/qcom/camss/camss.c b/drivers/media/platform/qcom/camss/camss.c
> >> index 1ef26aea3eae..8b75197fa5d7 100644
> >> --- a/drivers/media/platform/qcom/camss/camss.c
> >> +++ b/drivers/media/platform/qcom/camss/camss.c
> >> @@ -1084,9 +1084,8 @@ static int camss_of_parse_ports(struct camss *camss)
> >>  
> >>  		remote = of_graph_get_remote_port_parent(node);
> >>  		if (!remote) {
> >> -			dev_err(dev, "Cannot get remote parent\n");
> >> -			ret = -EINVAL;
> >> -			goto err_cleanup;
> >> +			of_node_put(node);
> > 
> > This is broken and could potentially lead to a use after free.
> > 
> > Specifically, the iteration macro already takes care of putting this
> > reference.

> /**
>  * for_each_endpoint_of_node - iterate over every endpoint in a device node
>  * @parent: parent device node containing ports and endpoints
>  * @child: loop variable pointing to the current endpoint node
>  *
>  * When breaking out of the loop, of_node_put(child) has to be called manually.
>  */

Please read this comment you just pasted here again as it seems you did
not understand it.

> > 
> >> +			continue;

And again, please remember to trim your replies. Including context after
your reply is almost always wrong.

Johan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ