[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240307134142.169523-1-rand.sec96@gmail.com>
Date: Thu, 7 Mar 2024 16:41:42 +0300
From: Rand Deeb <rand.sec96@...il.com>
To: jonas.gorski@...il.com
Cc: deeb.rand@...fident.ru,
khoroshilov@...ras.ru,
kvalo@...nel.org,
linux-kernel@...r.kernel.org,
linux-wireless@...r.kernel.org,
lvc-project@...uxtesting.org,
m@...s.ch,
rand.sec96@...il.com,
voskresenski.stanislav@...fident.ru
Subject: Re: [PATCH v3] ssb: Fix potential NULL pointer dereference in ssb_device_uevent
On Wed, Mar 6, 2024 at 10:51 PM Jonas Gorski <jonas.gorski@...il.com> wrote:
>
> Hi
>
> The NULL check is what needs to be fixed/removed, not the code
> surrounding it. This function will be called from dev_uevent() [1]
> where dev cannot be NULL. So a NULL dereference cannot happen.
>
> Most other implementors of bus_type::uevent have no NULL check. To be
> precise, there is only one other implementor with a NULL check,
> rio_uevent(), and none of the other ones have one. See e.g.
> bcma_device_uevent(), memstick_uevent(), mips_cdmm_uevent(), or
> fsl_mc_bus_uevent().
Hi Jonas,
Thank you for the feedback. To be precise there are actually 8 other
implementors (and potentially more) with a NULL check not just one
(parisc_uevent, serio_uevent, ipack_uevent, pci_uevent, pcmcia_bus_uevent,
rio_uevent, zorro_uevent, and soundbus_ueven).
After a second review, I totally concur with your observations. I quickly
judged, I believed there might be an alternative way to call the function
because it's not the only one with a null check, and actually the patch
version 1 got accknowleded, that's why i'm confused.
Given that null is improbable in this context due to the calls being made
through uevent, we should eliminate the redundant condition. In light of
this, would you recommend sending a new version (v4) of the patch with the
correct title and info, or do you think it would be more appropriate to
submit an entirely fresh patch? i'll also send patches to all of the
implementors.
Best regards.
Powered by blists - more mailing lists