lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a061d870-d0ce-a580-636d-600a9a4b006f@huawei.com>
Date:   Wed, 16 Nov 2022 14:13:14 +0800
From:   Hui Tang <tanghui20@...wei.com>
To:     Jakub Kicinski <kuba@...nel.org>
CC:     <davem@...emloft.net>, <edumazet@...gle.com>, <mw@...ihalf.com>,
        <linux@...linux.org.uk>, <leon@...nel.org>, <andrew@...n.ch>,
        <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        <yusongping@...wei.com>
Subject: Re: [PATCH net v4] net: mvpp2: fix possible invalid pointer
 dereference



On 2022/11/16 12:28, Jakub Kicinski wrote:
> On Wed, 16 Nov 2022 10:14:37 +0800 Hui Tang wrote:
>> It will cause invalid pointer dereference to priv->cm3_base behind,
>> if PTR_ERR(priv->cm3_base) in mvpp2_get_sram().
>>
>> Fixes: a59d354208a7 ("net: mvpp2: enable global flow control")
>> Signed-off-by: Hui Tang <tanghui20@...wei.com>
>
> Please do not repost new versions so often:
>
> https://www.kernel.org/doc/html/next/process/maintainer-netdev.html#tl-dr
>
> do not use --in-reply-to

Thanks for pointing out, but should I resend it with [PATCH net v3]  or [PATCH net v5]?

>> diff --git a/drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c b/drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c
>> index d98f7e9a480e..efb582b63640 100644
>> --- a/drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c
>> +++ b/drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c
>> @@ -7349,6 +7349,7 @@ static int mvpp2_get_sram(struct platform_device *pdev,
>>  			  struct mvpp2 *priv)
>>  {
>>  	struct resource *res;
>> +	void __iomem *base;
>>
>>  	res = platform_get_resource(pdev, IORESOURCE_MEM, 2);
>>  	if (!res) {
>> @@ -7359,9 +7360,11 @@ static int mvpp2_get_sram(struct platform_device *pdev,
>>  		return 0;
>>  	}
>>
>> -	priv->cm3_base = devm_ioremap_resource(&pdev->dev, res);
>> +	base = devm_ioremap_resource(&pdev->dev, res);
>> +	if (!IS_ERR(base))
>> +		priv->cm3_base = base;
>>
>> -	return PTR_ERR_OR_ZERO(priv->cm3_base);
>> +	return PTR_ERR_OR_ZERO(base);
>
> Use the idiomatic error handling, keep success path un-indented:
>
> 	ptr = function();
> 	if (IS_ERR(ptr))
> 		return PTR_ERR(ptr);
>
> 	priv->bla = ptr;
> 	return 0;
> 	
>
Ok, I will fix it in next version

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ