lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20180111.135726.1299937792649052032.davem@davemloft.net>
Date:   Thu, 11 Jan 2018 13:57:26 -0500 (EST)
From:   David Miller <davem@...emloft.net>
To:     weiyongjun1@...wei.com
Cc:     andrew@...n.ch, f.fainelli@...il.com, netdev@...r.kernel.org,
        kernel-janitors@...r.kernel.org
Subject: Re: [PATCH net-next] net: phy: mdio-bcm-unimac: fix potential NULL
 dereference in unimac_mdio_probe()

From: Wei Yongjun <weiyongjun1@...wei.com>
Date: Thu, 11 Jan 2018 11:21:51 +0000

> platform_get_resource() may fail and return NULL, so we should
> better check it's return value to avoid a NULL pointer dereference
> a bit later in the code.
> 
> This is detected by Coccinelle semantic patch.
> 
> @@
> expression pdev, res, n, t, e, e1, e2;
> @@
> 
> res = platform_get_resource(pdev, t, n);
> + if (!res)
> +   return -EINVAL;
> ... when != res == NULL
> e = devm_ioremap(e1, res->start, e2);
> 
> Signed-off-by: Wei Yongjun <weiyongjun1@...wei.com>

Applied, thank you.

> diff --git a/drivers/net/phy/mdio-bcm-unimac.c b/drivers/net/phy/mdio-bcm-unimac.c
> index 08e0647..8d37066 100644
> --- a/drivers/net/phy/mdio-bcm-unimac.c
> +++ b/drivers/net/phy/mdio-bcm-unimac.c
> @@ -205,6 +205,8 @@ static int unimac_mdio_probe(struct platform_device *pdev)
>  		return -ENOMEM;
>  
>  	r = platform_get_resource(pdev, IORESOURCE_MEM, 0);
> +	if (!r)
> +		return -EINVAL;
>  
>  	/* Just ioremap, as this MDIO block is usually integrated into an
>  	 * Ethernet MAC controller register range
> 

I have to say, the devm_*() routines may make it easier to write drivers and probe
routines, but it makes patches much harder to review.

I couldn't figure out if you were leaking resources here without going into the
source file and looking at all of the relevant context.

Just though I'd make this meta-comment...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ