lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <0a3516e2-2bab-4eff-a16d-7e4bc4799580@infradead.org>
Date: Fri, 23 May 2025 19:13:27 -0700
From: Randy Dunlap <rdunlap@...radead.org>
To: Bill Wendling <isanbard@...il.com>, Bill Wendling <morbo@...gle.com>,
 Masahiro Yamada <masahiroy@...nel.org>,
 Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
 LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v3] kconfig: check for a NULL pointer before access

Hi Bill,

On 5/23/25 5:49 PM, Bill Wendling wrote:
> The call to 'prop_get_symbol' may return NULL in some cases. The if-then
> statement accesses the returned value without cheecking if it's
> non-NULL. After inlining, the compiler may treat the conditional as
> 'undefined behavior', which the compiler may take the opportunity to do
> whatever it wants with the UB path. This patch simply adds a check to
> ensure that 'def_sym' is non-NULL to avoid this behavior.
> 
> Signed-off-by: Bill Wendling <isanbard@...il.com>

Acked-by: Randy Dunlap <rdunlap@...radead.org>

although see whitespace issue below...


> ---
> Cc: Masahiro Yamada <masahiroy@...nel.org>
> Cc: linux-kbuild@...r.kernel.org
> Cc: linux-kernel@...r.kernel.org
> v3:
>  - Fix whitespace for real now.
>  - Patch from another email account so that the whitespace is retained.
> v2:
>  - Fix whitespace
> ---
>  scripts/kconfig/symbol.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/scripts/kconfig/symbol.c b/scripts/kconfig/symbol.c
> index d57f8cbba291..9c5068225328 100644
> --- a/scripts/kconfig/symbol.c
> +++ b/scripts/kconfig/symbol.c
> @@ -272,7 +272,7 @@ struct symbol *sym_choice_default(struct menu *choice)
>          if (prop->visible.tri == no)
>              continue;
>          def_sym = prop_get_symbol(prop);
> -        if (def_sym->visible != no)
> +        if (def_sym && def_sym->visible != no)
>              return def_sym;
>      }
> 

All of these lines are still indented incorrectly in what I received,
so I downloaded the patch from
https://lore.kernel.org/linux-kbuild/27de0526-0b19-4e14-8c51-1e8b0ddcf490@gmail.com/raw

Running 'patch' (not git) on it gives me:
checking file scripts/kconfig/symbol.c
Hunk #1 FAILED at 272.
1 out of 1 hunk FAILED
done

In looking at the raw patch (link above), the non -/+ lines have
an extra space at the beginning of each line (2 spaces instead of 1).
If I remove one of those spaces, the patch applies cleanly.
Or maybe I could just tell 'patch' to ignore whitespace. Yes, that
also works.

-- 
~Randy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ