lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <aNJ2IX2vuF8ZOmGj@bogus>
Date: Tue, 23 Sep 2025 11:27:45 +0100
From: Sudeep Holla <sudeep.holla@....com>
To: Dan Carpenter <dan.carpenter@...aro.org>
Cc: Kaushlendra Kumar <kaushlendra.kumar@...el.com>,
	Sudeep Holla <sudeep.holla@....com>, gregkh@...uxfoundation.org,
	dakr@...nel.org, rafael@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] arch_topology: Fix incorrect error check in
 topology_parse_cpu_capacity()

On Tue, Sep 23, 2025 at 01:24:41PM +0300, Dan Carpenter wrote:
> On Tue, Sep 23, 2025 at 09:40:28AM +0100, Sudeep Holla wrote:
> > On Tue, Sep 23, 2025 at 12:55:20PM +0530, Kaushlendra Kumar wrote:
> > > Fix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity()
> > > which causes the code to proceed with NULL clock pointers. The current
> > > logic uses !PTR_ERR_OR_ZERO(cpu_clk) which evaluates to true for both
> > > valid pointers and NULL, leading to potential NULL pointer dereference
> > > in clk_get_rate().
> > > 
> > > PTR_ERR_OR_ZERO(cpu_clk) returns:
> > > - 0 if cpu_clk is a valid pointer or NULL
> > > - error code if cpu_clk is an error pointer
> > > 
> > > Therefore !PTR_ERR_OR_ZERO(cpu_clk) is true for both valid pointers and
> > > NULL, causing the code to call clk_get_rate(NULL) when of_clk_get()
> > > returns NULL. Replace with IS_ERR_OR_NULL() which correctly identifies
> > > only valid pointers, ensuring clk_get_rate() is called only with valid
> > > clock objects.
> > >
> > 
> > Nice catch, wonder how it survived so long unnoticed.
> 
> I don't think of_clk_get() can actually return NULL...  It's still worth
> fixing but I don't think it affects real life.
> 

Ah that explains, just looked at PTR_ERR_OR_ZERO and wondered. Thanks
for the details.

-- 
Regards,
Sudeep

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ