lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <322fd9eb-8793-402a-ba6a-617591561254@amd.com>
Date: Fri, 2 Aug 2024 01:11:18 -0500
From: "Naik, Avadhut" <avadnaik@....com>
To: Ma Ke <make24@...as.ac.cn>, kristo@...nel.org, bp@...en8.de,
 tony.luck@...el.com, james.morse@....com, mchehab@...nel.org, rric@...nel.org
Cc: linux-edac@...r.kernel.org, linux-kernel@...r.kernel.org,
 stable@...r.kernel.org
Subject: Re: [PATCH v3 RESEND] EDAC/ti: Fix possible null pointer dereference
 in _emif_get_id()

On 8/1/2024 23:41, Ma Ke wrote:
> In _emif_get_id(), of_get_address() may return NULL which is later
> dereferenced. Fix this bug by adding NULL check.
> 
> Found by code review.
> 
> Cc: stable@...r.kernel.org
> Fixes: 86a18ee21e5e ("EDAC, ti: Add support for TI keystone and DRA7xx EDAC")
> Signed-off-by: Ma Ke <make24@...as.ac.cn>
> ---
> Changes in v3:
> - added the patch operations omitted in PATCH v2 RESEND compared to PATCH 
> v2. Sorry for my oversight.
> Changes in v2:
> - added Cc stable line.
> ---
>  drivers/edac/ti_edac.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/drivers/edac/ti_edac.c b/drivers/edac/ti_edac.c
> index 29723c9592f7..6f3da8d99eab 100644
> --- a/drivers/edac/ti_edac.c
> +++ b/drivers/edac/ti_edac.c
> @@ -207,6 +207,9 @@ static int _emif_get_id(struct device_node *node)
>  	int my_id = 0;
>  
>  	addrp = of_get_address(node, 0, NULL, NULL);
> +	if (!addrp)
> +		return -EINVAL;
> +
>  	my_addr = (u32)of_translate_address(node, addrp);
>  
>  	for_each_matching_node(np, ti_edac_of_match) {
> @@ -214,6 +217,9 @@ static int _emif_get_id(struct device_node *node)
>  			continue;
>  
>  		addrp = of_get_address(np, 0, NULL, NULL);
> +		if (!addrp)
> +			return -EINVAL;
> +
>  		addr = (u32)of_translate_address(np, addrp);
>  
>  		edac_printk(KERN_INFO, EDAC_MOD_NAME,

In [1], you are fixing possible NULL pointer dereferences arising from
of_get_address() and of_translate_address()
In this patch, however, you are only attempting to fix possible NULL
pointer dereferences arising from of_get_address().
Any reason why of_translate_address() doesn't need to be fixed here?

Also, since [1] and this patch are addressing possible NULL pointer
dereferences from similar functions, you may want to club them
together as a single patchset. Makes its easier for people to review.

[1]: https://lore.kernel.org/linux-edac/7021a08b-ba75-4d16-a71f-b38e48df5af3@amd.com/T/#t

-- 
Thanks,
Avadhut Naik

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ