[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAJZ5v0jSyE5chyVFFCaqOtE-huf8YH0mD6_udj2w4oA8KoN9qw@mail.gmail.com>
Date: Wed, 26 Jul 2023 16:35:35 +0200
From: "Rafael J. Wysocki" <rafael@...nel.org>
To: Kiwamu Okabe <okabe@...inux.co.jp>
Cc: "Rafael J. Wysocki" <rafael@...nel.org>,
Len Brown <lenb@...nel.org>, linux-acpi@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ACPI: tables: Fix NULL dereference by acpi_os_map_memory()
On Wed, Jul 26, 2023 at 6:53 AM Kiwamu Okabe <okabe@...inux.co.jp> wrote:
>
> The Infer static analyzer https://fbinfer.com/ reports following
> NULL poinster dereference by the acpi_os_map_memory() function.
> I believe this patch does fix the issue without any panic.
Please demonstrate to me that the NULL pointer dereference can
actually happen in this code.
Thanks!
> Signed-off-by: Kiwamu Okabe <okabe@...inux.co.jp>
> ---
> drivers/acpi/tables.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/drivers/acpi/tables.c b/drivers/acpi/tables.c
> index 8ab0a82b4da4..ae7b7343bacf 100644
> --- a/drivers/acpi/tables.c
> +++ b/drivers/acpi/tables.c
> @@ -717,6 +717,9 @@ acpi_table_initrd_override(struct acpi_table_header *existing_table,
> while (table_offset + ACPI_HEADER_SIZE <= all_tables_size) {
> table = acpi_os_map_memory(acpi_tables_addr + table_offset,
> ACPI_HEADER_SIZE);
> + if (WARN_ON(!table)) {
> + return AE_OK;
> + }
> if (table_offset + table->length > all_tables_size) {
> acpi_os_unmap_memory(table, ACPI_HEADER_SIZE);
> WARN_ON(1);
> @@ -772,6 +775,9 @@ static void __init acpi_table_initrd_scan(void)
> while (table_offset + ACPI_HEADER_SIZE <= all_tables_size) {
> table = acpi_os_map_memory(acpi_tables_addr + table_offset,
> ACPI_HEADER_SIZE);
> + if (WARN_ON(!table)) {
> + return;
> + }
> if (table_offset + table->length > all_tables_size) {
> acpi_os_unmap_memory(table, ACPI_HEADER_SIZE);
> WARN_ON(1);
> --
> 2.39.2
>
Powered by blists - more mailing lists