| Message ID | 20231107123600.14529-1-shum.sdl@nppct.ru |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:aa0b:0:b0:403:3b70:6f57 with SMTP id k11csp208749vqo;
Tue, 7 Nov 2023 04:50:35 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IHCcD6iD4T8Aw8Hm313TQg4C3hAz0y+qUkMVBjKTnIneAYRt/y8hRd4umzrQckza8+wkIUd
X-Received: by 2002:a17:902:cac1:b0:1ca:4092:7200 with SMTP id
y1-20020a170902cac100b001ca40927200mr21987542pld.54.1699361434975;
Tue, 07 Nov 2023 04:50:34 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1699361434; cv=none;
d=google.com; s=arc-20160816;
b=yHbAJaagCxxA1TmFiDcCF6Vuv+TRO2/3y1doXgY9S1T3xGyXwnCb5wRRp1zaBLrHA4
ToIHX+IlfElicm7hsGa5AFZCF4SlJ2biDhurP1p0L8dHfJyo3vsCIEgPvAkZCp9xpiRU
szX4i92cTHtL5z90FH7XZQ+xpBJiabGKh1C817ACtwtV/Wl5ZNEpP6+GHlOrytCFGaKu
1RDH0N5V1oysZUwrhdOwUTXLXpT3p/mxpOrvD8BWh1w774dP95yFnKKZk/S8uc0jIKMt
MJVe5vz/+38o1s5VvDoq2ROJZNZno6oceQXyxThT74x1olmLAYlgqWA6YqFHL3Xu+Wmb
h/5g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from:dkim-signature;
bh=5LR+olzTYHKfq9BfttUj+zVd0qL6Duzi/F6K0yHzoT4=;
fh=qonjpPKpJnZxHwWPW54NfZBAX8IfRfN5HcxKaXiH39U=;
b=KcdCu6J+vT59SiEIQyEM4jaLVX65p4e9hH8NE/aerJIqK7WNYEHz5XS3hFZAYVbLuI
7FduTEF2ubLXaxl9/Zk81avgaila+MgvfgD0W+HuI0YRTFCp+l1WQltAkJAwPAiOtrl2
xMkYfTnF7oByAz6InfQODG32hZtyX9DkvpIOxOPd6EnsZxlgpXKuFTu/oN9rRanBQpWz
DyqB0NNDijLXaWnu3BjM1iRGk0L7f3NpE1M+2J9XZXWD4pQiZ0T6WhmGowtT37FWTzFu
zuRLN3q+6dyjwe896/un+0IUq0unHR1Rrxd2h1tXZ2NO5WFa71IYqU4El22YYjvmZ6dh
rkOw==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@nppct.ru header.s=dkim header.b=JiV0qAZe;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:7 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7])
by mx.google.com with ESMTPS id
b1-20020a170902d40100b001cc41020674si9613548ple.518.2023.11.07.04.50.34
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 07 Nov 2023 04:50:34 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:7 as permitted sender)
client-ip=2620:137:e000::3:7;
Authentication-Results: mx.google.com;
dkim=pass header.i=@nppct.ru header.s=dkim header.b=JiV0qAZe;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:7 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by snail.vger.email (Postfix) with ESMTP id DDAB581BBA0E;
Tue, 7 Nov 2023 04:50:33 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S234028AbjKGMuR (ORCPT <rfc822;lhua1029@gmail.com> + 32 others);
Tue, 7 Nov 2023 07:50:17 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59604 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S1344345AbjKGMtc (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 7 Nov 2023 07:49:32 -0500
Received: from mail.nppct.ru (mail.nppct.ru [195.133.245.4])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8394913AF5
for <linux-kernel@vger.kernel.org>;
Tue, 7 Nov 2023 04:36:19 -0800 (PST)
Received: from mail.nppct.ru (localhost [127.0.0.1])
by mail.nppct.ru (Postfix) with ESMTP id C011D1C0DB4
for <linux-kernel@vger.kernel.org>;
Tue, 7 Nov 2023 15:36:15 +0300 (MSK)
Authentication-Results: mail.nppct.ru (amavisd-new); dkim=pass (1024-bit key)
reason="pass (just generated, assumed good)" header.d=nppct.ru
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nppct.ru; h=
content-transfer-encoding:mime-version:x-mailer:message-id:date
:date:subject:subject:to:from:from; s=dkim; t=1699360573; x=
1700224574; bh=x6jysyZ5oZimszC/+KWYqfqt9dmO+sPqmSEiLu28WpI=; b=J
iV0qAZeIgdJp13a2vKcTuf+PBzKnYdQyrtDViKNZqjzNxHq0yguncKnwVxhEBczY
mzGFKXzuesk4tuUnvg6Xb89omDVJTgKVv6BpySWtatPFs80N7Iq3AtK5uVSRHWGo
JNUfRhCxMwkPv+1HVx9IEskkQK+P1TRq1B18qsnDHY=
X-Virus-Scanned: Debian amavisd-new at mail.nppct.ru
Received: from mail.nppct.ru ([127.0.0.1])
by mail.nppct.ru (mail.nppct.ru [127.0.0.1]) (amavisd-new, port 10026)
with ESMTP id jWjaalifFrqu for <linux-kernel@vger.kernel.org>;
Tue, 7 Nov 2023 15:36:13 +0300 (MSK)
Received: from localhost.localdomain (mail.dev-ai-melanoma.ru
[185.130.227.204])
by mail.nppct.ru (Postfix) with ESMTPSA id 236B81C0CB3;
Tue, 7 Nov 2023 15:36:12 +0300 (MSK)
From: Andrey Shumilin <shum.sdl@nppct.ru>
To: 3chas3@gmail.com
Cc: Andrey Shumilin <shum.sdl@nppct.ru>,
linux-atm-general@lists.sourceforge.net, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, lvc-project@linuxtesting.org,
khoroshilov@ispras.ru, ykarpov@ispras.ru, vmerzlyakov@ispras.ru,
vefanov@ispras.ru
Subject: [PATCH] iphase: Adding a null pointer check
Date: Tue, 7 Nov 2023 15:36:00 +0300
Message-Id: <20231107123600.14529-1-shum.sdl@nppct.ru>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS,
T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]);
Tue, 07 Nov 2023 04:50:33 -0800 (PST)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1781904617361027679
X-GMAIL-MSGID: 1781909616136276248
|
| Series |
iphase: Adding a null pointer check
|
|
Commit Message
Andrey Shumilin
Nov. 7, 2023, 12:36 p.m. UTC
The pointer <dev->desc_tbl[i].iavcc> is dereferenced on line 195.
Further in the code, it is checked for null on line 204.
It is proposed to add a check before dereferencing the pointer.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Andrey Shumilin <shum.sdl@nppct.ru>
---
drivers/atm/iphase.c | 5 +++++
1 file changed, 5 insertions(+)
Comments
On Tue, 7 Nov 2023 15:36:00 +0300 Andrey Shumilin wrote: > The pointer <dev->desc_tbl[i].iavcc> is dereferenced on line 195. > Further in the code, it is checked for null on line 204. > It is proposed to add a check before dereferencing the pointer. How do you know this is the right way to address the problem. Much easier to debug a crash than misbehaving driver. This is ancient code, leave it be.
Proposal for subject: atm: iphase: Move check for NULL before derefence in get_desc() On 07.11.2023 15:36, Andrey Shumilin wrote: > The pointer <dev->desc_tbl[i].iavcc> is dereferenced on line 195. > Further in the code, it is checked for null on line 204. > It is proposed to add a check before dereferencing the pointer. Line numbers in commit messages are not welcome since they are subject for change and a reader of the message likely has other code at that lines in his version of the file. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > Signed-off-by: Andrey Shumilin <shum.sdl@nppct.ru> > --- > drivers/atm/iphase.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/drivers/atm/iphase.c b/drivers/atm/iphase.c > index 324148686953..596422fbfacc 100644 > --- a/drivers/atm/iphase.c > +++ b/drivers/atm/iphase.c > @@ -192,6 +192,11 @@ static u16 get_desc (IADEV *dev, struct ia_vcc *iavcc) { > i++; > continue; > } > + if (!(iavcc_r = dev->desc_tbl[i].iavcc)) { > + printk("Fatal err, desc table vcc or skb is NULL\n"); > + i++; > + continue; > + } Error message should be fixed, skb is not check for NULL here. > ltimeout = dev->desc_tbl[i].iavcc->ltimeout; > delta = jiffies - dev->desc_tbl[i].timestamp; > if (delta >= ltimeout) { > > if (!dev->desc_tbl[i].txskb || !(iavcc_r = dev->desc_tbl[i].iavcc)) > printk("Fatal err, desc table vcc or skb is NULL\n"); The existing check should be fixed to check for skb only. -- Alexey
diff --git a/drivers/atm/iphase.c b/drivers/atm/iphase.c index 324148686953..596422fbfacc 100644 --- a/drivers/atm/iphase.c +++ b/drivers/atm/iphase.c @@ -192,6 +192,11 @@ static u16 get_desc (IADEV *dev, struct ia_vcc *iavcc) { i++; continue; } + if (!(iavcc_r = dev->desc_tbl[i].iavcc)) { + printk("Fatal err, desc table vcc or skb is NULL\n"); + i++; + continue; + } ltimeout = dev->desc_tbl[i].iavcc->ltimeout; delta = jiffies - dev->desc_tbl[i].timestamp; if (delta >= ltimeout) {