lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 19 May 2007 21:47:00 -0400
From:	Jeff Garzik <>
To:	Dan Williams <>
CC:	"John W. Linville" <>,
	Florin Malita <>,,,,
Subject: Re: [PATCH] libertas: skb dereferenced after netif_rx

Dan Williams wrote:
> On Fri, 2007-05-18 at 14:09 -0400, John W. Linville wrote:
>> On Wed, May 16, 2007 at 05:01:27PM -0400, Florin Malita wrote:
>>> In libertas_process_rxed_packet() and process_rxed_802_11_packet() the 
>>> skb is dereferenced after being passed to netif_rx (called from 
>>> libertas_upload_rx_packet). Spotted by Coverity (1658, 1659).
>> Relocating the libertas_upload_rx_packet call is fine, but...
>>> Also, libertas_upload_rx_packet() unconditionally returns 0 so the error 
>>> check is dead code - might as well take it out.
>> Is this merely an implementation detail?  Or an absolute fact?
>> If the former is true, then we should preserve the error
>> checking.  If the latter, then we should change the signature of
>> libertas_upload_rx_packet to return void.
> According to the comments, netif_rx always succeeds.  I think we should
> just change the return type to void since there's nothing else in that
> function that can fail.

According to the implementation, netif_rx() can fail.


To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists