| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <464FA894.8090008@garzik.org> Date: Sat, 19 May 2007 21:47:00 -0400 From: Jeff Garzik <jeff@...zik.org> To: Dan Williams <dcbw@...hat.com> CC: "John W. Linville" <linville@...driver.com>, Florin Malita <fmalita@...il.com>, marcelo@...ck.org, linville@...hat.com, netdev@...r.kernel.org, linux-wireless@...r.kernel.org Subject: Re: [PATCH] libertas: skb dereferenced after netif_rx Dan Williams wrote: > On Fri, 2007-05-18 at 14:09 -0400, John W. Linville wrote: >> On Wed, May 16, 2007 at 05:01:27PM -0400, Florin Malita wrote: >>> In libertas_process_rxed_packet() and process_rxed_802_11_packet() the >>> skb is dereferenced after being passed to netif_rx (called from >>> libertas_upload_rx_packet). Spotted by Coverity (1658, 1659). >> >> Relocating the libertas_upload_rx_packet call is fine, but... >> >>> Also, libertas_upload_rx_packet() unconditionally returns 0 so the error >>> check is dead code - might as well take it out. >> Is this merely an implementation detail? Or an absolute fact? >> If the former is true, then we should preserve the error >> checking. If the latter, then we should change the signature of >> libertas_upload_rx_packet to return void. > > According to the comments, netif_rx always succeeds. I think we should > just change the return type to void since there's nothing else in that > function that can fail. According to the implementation, netif_rx() can fail. Jeff - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists