| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <529d640929c2349f2dfe6c3de20331b5b809fcfb.camel@intel.com>
Date: Mon, 3 Mar 2025 13:46:58 +0000
From: "Berg, Benjamin" <benjamin.berg@...el.com>
To: "kernel-janitors@...r.kernel.org" <kernel-janitors@...r.kernel.org>,
"Markus.Elfring@....de" <Markus.Elfring@....de>, "davem@...emloft.net"
<davem@...emloft.net>, "Berg, Johannes" <johannes.berg@...el.com>,
"kvalo@...nel.org" <kvalo@...nel.org>, "quic_srirrama@...cinc.com"
<quic_srirrama@...cinc.com>, "gregory.greenman@...el.com"
<gregory.greenman@...el.com>, "linux-wireless@...r.kernel.org"
<linux-wireless@...r.kernel.org>, "kuba@...nel.org" <kuba@...nel.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>, "edumazet@...gle.com"
<edumazet@...gle.com>, "Korenblit, Miriam Rachel"
<miriam.rachel.korenblit@...el.com>, "pabeni@...hat.com" <pabeni@...hat.com>
CC: "horms@...nel.org" <horms@...nel.org>, "linux-kernel@...r.kernel.org"
<linux-kernel@...r.kernel.org>, "cocci@...ia.fr" <cocci@...ia.fr>
Subject: Re: [PATCH RESEND] iwlwifi: Adjust input parameter validation in
iwl_sta_calc_ht_flags()
On Mon, 2025-03-03 at 14:18 +0100, Markus Elfring wrote:
> From: Markus Elfring <elfring@...rs.sourceforge.net>
> Date: Wed, 19 Apr 2023 19:19:34 +0200
>
> The address of a data structure member was determined before
> a corresponding null pointer check in the implementation of
> the function “iwl_sta_calc_ht_flags”.
>
> Thus avoid the risk for undefined behaviour by moving the assignment
> for the variable “sta_ht_inf” behind the null pointer check.
I am a bit confused, I don't see any risk of undefined behaviour here.
The change is obviously fine, and I guess one can argue that it is less
confusing as the compiler will generate a warning if one uses the
variable before assignment.
However, the code is both well defined and correct. If sta is NULL then
sta_ht_inf is never used, so the fact that it is effectively a NULL
pointer [offsetof(struct ieee80211_sta, deflink.ht_cap)] does not
matter.
Benjamin
> This issue was detected by using the Coccinelle software.
>
> Fixes: 046d2e7c50e3 ("mac80211: prepare sta handling for MLO
> support")
> Signed-off-by: Markus Elfring <elfring@...rs.sourceforge.net>
> ---
> drivers/net/wireless/intel/iwlwifi/dvm/sta.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/net/wireless/intel/iwlwifi/dvm/sta.c
> b/drivers/net/wireless/intel/iwlwifi/dvm/sta.c
> index cef43cf80620..74814ce0155e 100644
> --- a/drivers/net/wireless/intel/iwlwifi/dvm/sta.c
> +++ b/drivers/net/wireless/intel/iwlwifi/dvm/sta.c
> @@ -147,7 +147,7 @@ static void iwl_sta_calc_ht_flags(struct iwl_priv
> *priv,
> struct iwl_rxon_context *ctx,
> __le32 *flags, __le32 *mask)
> {
> - struct ieee80211_sta_ht_cap *sta_ht_inf = &sta-
> >deflink.ht_cap;
> + struct ieee80211_sta_ht_cap *sta_ht_inf;
>
> *mask = STA_FLG_RTS_MIMO_PROT_MSK |
> STA_FLG_MIMO_DIS_MSK |
> @@ -156,7 +156,11 @@ static void iwl_sta_calc_ht_flags(struct
> iwl_priv *priv,
> STA_FLG_AGG_MPDU_DENSITY_MSK;
> *flags = 0;
>
> - if (!sta || !sta_ht_inf->ht_supported)
> + if (!sta)
> + return;
> +
> + sta_ht_inf = &sta->deflink.ht_cap;
> + if (!sta_ht_inf->ht_supported)
> return;
>
> IWL_DEBUG_INFO(priv, "STA %pM SM PS mode: %s\n",
> --
> 2.40.0
>
Intel Deutschland GmbH
Registered Address: Am Campeon 10, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Sean Fennelly, Jeffrey Schneiderman, Tiffany Doon Silva
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928
Powered by blists - more mailing lists