| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4mtpditwnavptpvstqphwa2auhb6wcd63gi76w2dekw7ryn2bp@au7dyelbvzmi> Date: Tue, 20 Jan 2026 10:22:42 -0800 From: Dmitry Torokhov <dmitry.torokhov@...il.com> To: 齐柯宇 <qikeyu2017@...il.com> Cc: nick@...anahar.org, rydberg@...omail.se, jy0922.shim@...sung.com, bleung@...omium.org, ezequiel@...guardiasur.com.ar, linux-input@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] Input: atmel_mxt_ts - fix NULL pointer dereference in mxt_object_show Hi, On Thu, Jan 15, 2026 at 03:43:37AM +0800, 齐柯宇 wrote: > diff --git a/drivers/input/touchscreen/atmel_mxt_ts.c > b/drivers/input/touchscreen/atmel_mxt_ts.c > index dd0544cc1bc1..401fcae2264d 100644 > --- a/drivers/input/touchscreen/atmel_mxt_ts.c > +++ b/drivers/input/touchscreen/atmel_mxt_ts.c > @@ -2859,6 +2859,10 @@ static ssize_t mxt_object_show(struct device *dev, > int error; > u8 *obuf; > > + /* Check for NULL to prevent race condition during firmware update */ > + if (!data->info || !data->object_table) > + return -ENODEV; > + What stops the pointers from being invalidated right here? > /* Pre-allocate buffer large enough to hold max sized object. */ > obuf = kmalloc(256, GFP_KERNEL); > if (!obuf) Thanks. -- Dmitry
Powered by blists - more mailing lists