lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <0012c64a-26cb-131d-7abb-29f6741af944@gmail.com>
Date:   Thu, 27 Jul 2023 15:22:42 +0100
From:   "Colin King (gmail)" <colin.i.king@...il.com>
To:     Michael Roth <michael.roth@....com>
Cc:     Brijesh Singh <brijesh.singh@....com>,
        Borislav Petkov <bp@...e.de>, x86@...nel.org,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: potential null pointer dereference in setup_cpuid_table

Hi,

Static analysis with cppcheck found a potential null pointer dereference 
in function setup_cpuid_table in arch/x86/kernel/sev-shared.c as follows:

         if (!cc_info || !cc_info->cpuid_phys || cc_info->cpuid_len < 
PAGE_SIZE)
                 sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_CPUID);

         cpuid_table_fw = (const struct snp_cpuid_table 
*)cc_info->cpuid_phys;


cc_info is being null checked, so it's potentially null, however, the 
assignment to cpuid_table_fw is dereferencing cc_info. Either cc_info is 
never null and the null check is redundant, or there is a potential null 
pointer dereference.

Colin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ