| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024021154-roundworm-census-3e6e@gregkh> Date: Sun, 11 Feb 2024 11:09:10 +0000 From: Greg KH <gregkh@...uxfoundation.org> To: Rohan <rohankollambalath@...il.com> Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH] sysfs:Addresses null pointer dereference in sysfs_merge_group and sysfs_unmerge_group. On Sat, Feb 10, 2024 at 08:43:14PM +1000, Rohan wrote: > Hey, Please don't top-post, or send html email, as they get dropped from the mailing lists. > I found this bug when writing my own kernel driver. I believed the function > wasn't explicit in stating its the requirement for the name field and made > it easy for developers to mistake it with sysfs_create_group and cause a > crash. I wanted to change the code for robustness purposes. Other functions > in the same file already do this check such as sysfs_group_change_owner. Adding documentation is great, but don't add checks that are not needed, we require callers to set up things properly, otherwise the kernel would be nothing but a constant set of checks for things that can never happen. > As for why I chose -ENOENT, I did this because it was the same error code > returned if the group cannot be found by kernfs_find_and_get but I > understand if this should be changed. Yes, that is a different type of error entirely. Just do the documentation update, I'll gladly take that. thanks, greg k-h
Powered by blists - more mailing lists