lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <D1AE1E1C-7997-4C7D-8BFC-AB4FB2C1D464@intel.com> Date: Tue, 23 Apr 2019 19:21:42 +0000 From: "Guedes, Andre" <andre.guedes@...el.com> To: Cong Wang <xiyou.wangcong@...il.com> CC: Linux Kernel Network Developers <netdev@...r.kernel.org>, "Gomes, Vinicius" <vinicius.gomes@...el.com> Subject: Re: [PATCH 3/5] net: sched: taprio: Fix null pointer deref bug > On Apr 22, 2019, at 12:36 PM, Cong Wang <xiyou.wangcong@...il.com> wrote: > > On Mon, Apr 22, 2019 at 12:24 PM Guedes, Andre <andre.guedes@...el.com> wrote: >> >> >>> On Apr 22, 2019, at 11:07 AM, Cong Wang <xiyou.wangcong@...il.com> wrote: >>> >>> On Mon, Apr 22, 2019 at 11:04 AM Cong Wang <xiyou.wangcong@...il.com> wrote: >>>> >>>> On Fri, Apr 19, 2019 at 6:06 PM Andre Guedes <andre.guedes@...el.com> wrote: >>>>> >>>>> If 'entry' is NULL we WARN_ON() but dereference the pointer anyway, >>>>> generating a null pointer dereference bug. This patch fixes should_ >>>>> restart_cycle() so we return if the pointer is NULL. >>>> >>>> Hmm, while you are on it, how is it possible to have entry==NULL >>>> for should_restart_cycle(). It is only called in advance_sched() >>>> where entry is already checked against NULL right before it, >>>> so for me, entry is always NULL at the point of calling >>>> should_restart_cycle(). >>> >>> I meant, 'entry' is always non-NULL here... I typed too fast. >> >> Your assessment is correct. I believe the WARN_ON() was added as a defensive practice to prevent null pointer dereference in case someone misuse that helper in the future. > > Yeah, so we can just remove it. :) Fine by me. In that case, the function should_restart_cycle() will be just a dummy wrapper on list_is_last() so we should probably get rid of it and call list_is_last() within advance_sched().
Powered by blists - more mailing lists