lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 11 Dec 2022 20:24:29 +0900 From: Vincent MAILHOL <mailhol.vincent@...adoo.fr> To: Johan Hovold <johan@...nel.org> Cc: Marc Kleine-Budde <mkl@...gutronix.de>, linux-can@...r.kernel.org, Oliver Neukum <oneukum@...e.com>, Wolfgang Grandegger <wg@...ndegger.com>, "David S . Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Frank Jungclaus <frank.jungclaus@....eu>, socketcan@....eu, Yasushi SHOJI <yashi@...cecubics.com>, Stefan Mätje <stefan.maetje@....eu>, Hangyu Hua <hbh25y@...il.com>, Oliver Hartkopp <socketcan@...tkopp.net>, Peter Fink <pfink@...ist-es.de>, Jeroen Hofstee <jhofstee@...tronenergy.com>, Christoph Möhring <cmoehring@...ist-es.de>, John Whittington <git@...engineering.co.uk>, Vasanth Sadhasivan <vasanth.sadhasivan@...sara.com>, Jimmy Assarsson <extja@...ser.com>, Anssi Hannula <anssi.hannula@...wise.fi>, Pavel Skripkin <paskripkin@...il.com>, Stephane Grosjean <s.grosjean@...k-system.com>, Wolfram Sang <wsa+renesas@...g-engineering.com>, "Gustavo A . R . Silva" <gustavoars@...nel.org>, Julia Lawall <Julia.Lawall@...ia.fr>, Dongliang Mu <dzm91@...t.edu.cn>, Sebastian Haas <haas@...-wuensche.com>, Maximilian Schneider <max@...neidersoft.net>, Daniel Berglund <db@...ser.com>, Olivier Sobrie <olivier@...rie.be>, Remigiusz Kołłątaj <remigiusz.kollataj@...ica.com>, Jakob Unterwurzacher <jakob.unterwurzacher@...obroma-systems.com>, Martin Elshuber <martin.elshuber@...obroma-systems.com>, Bernd Krumboeck <b.krumboeck@...il.com>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, Alan Stern <stern@...land.harvard.edu>, linux-usb@...r.kernel.org Subject: Re: [PATCH v2 1/9] can: ems_usb: ems_usb_disconnect(): fix NULL pointer dereference On Tue. 10 déc. 2022 à 20:02, Johan Hovold <johan@...nel.org> wrote: > On Sat, Dec 10, 2022 at 06:01:49PM +0900, Vincent Mailhol wrote: > > ems_usb sets the driver's priv data to NULL before waiting for the > > completion of outsdanding urbs. This can results in NULL pointer > > dereference, c.f. [1] and [2]. > > Please stop making hand-wavy claims like this. There is no risk for a > NULL-pointer deference here, and if you think otherwise you need to > explain how that can happen in detail for each driver. Understood. *My* mistake comes from this message from Alan [1]: | But if a driver does make the call, it should be careful to | ensure that the call happens _after_ the driver is finished | using the interface-data pointer. For example, after all | outstanding URBs have completed, if the completion handlers | will need to call usb_get_intfdata(). I did not pay enough attention to the "if the completion handlers will need to call usb_get_intfdata()" part and jumped into the incorrect conclusion that any use of usb_set_intfdata(intf, NULL) before URB completion was erroneous. My deep apologies for all the noise. Please forget this series and one more time, thank you for your patience. [1] https://lore.kernel.org/linux-usb/Y4OD70GD4KnoRk0k@rowland.harvard.edu/
Powered by blists - more mailing lists