| Message ID | 20230113133320.7531-1-abelova@astralinux.ru |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4e01:0:0:0:0:0 with SMTP id p1csp274748wrt;
Fri, 13 Jan 2023 05:41:30 -0800 (PST)
X-Google-Smtp-Source:
AMrXdXua+/wt1CIqFlqFCjun+PADsT1jB6jDdl+7RyVIlgVR9ookInqP8Evsy/ey7wHB8pd/UHQe
X-Received: by 2002:a05:6402:3894:b0:48f:68b1:db4e with SMTP id
fd20-20020a056402389400b0048f68b1db4emr31002946edb.27.1673617290526;
Fri, 13 Jan 2023 05:41:30 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1673617290; cv=none;
d=google.com; s=arc-20160816;
b=vnArlcxx1GFulsGof9oGzFYLFBR0nYg0GPdxGInURTsUU+7w0qLW1481nwfIlZBWTY
KEv4nBegSE8yMxyMt8bNH30JxWsLFy7gWOaFpRViiusRRMyzwQWBatLPvIVOdvcd4Suy
JxZcESP4SG0hHyTSewVyYX40sWr66ahuftMuzYWEaK0xGmXWS6DPfxrbmE9ST5ucociX
Xb09J+8q1ThKDHFyezzuQGWQrL9aCL4c8hza0gZhZebNeda1g6cAPrSndG1y4IERyM6I
TO4kqZmS8LfxHz2dmfqanf6qAX+AmKqXSayPwt+oOdb1DTIIQQQv1UZRlkgOiC/imTf6
UzHA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from;
bh=sNaq5UV5JC7uxN7zgjPz5wmAri/+U/ysAeOihRWWfOI=;
b=bbvLsBEpgiVLeGlsTcGoc72bIK/NOwke61mNGsgYFsg9bJGXuz8sSptyARsdaV44+K
Ic8a/TkUhDZABOUDhESM+3nQIqS1dv1LufyWd6zlXk2cEzOFHFkBBTwQoJ/pzN0NgRVO
lJ+0XVcH6le1VaJykjlRertvAR8/r3162ifn/1gETxt9WM+5k5ogUuLlrrn2Ai3jLcXC
9NrR+FgdmednaDQh2nc5c0DOji26RB7YWiHRSI3V1MX9YjscZySsqtTJgLJUvoJxcJL6
bmCSvN/SVSWY6DVsSbSHhoiEaRq8Sj+0ZVCE+7Ep+mYyhgyT8+JjAT5U4yTVx2w19560
VcqA==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
fk24-20020a056402399800b0046cd7eb4327si20031701edb.376.2023.01.13.05.41.05;
Fri, 13 Jan 2023 05:41:30 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S241698AbjAMNj2 (ORCPT <rfc822;callmefire3@gmail.com>
+ 99 others); Fri, 13 Jan 2023 08:39:28 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38370 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S241832AbjAMNim (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Fri, 13 Jan 2023 08:38:42 -0500
Received: from mail.astralinux.ru (mail.astralinux.ru [217.74.38.119])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 76E153C3A0;
Fri, 13 Jan 2023 05:33:27 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
by mail.astralinux.ru (Postfix) with ESMTP id D91101863FB1;
Fri, 13 Jan 2023 16:33:23 +0300 (MSK)
Received: from mail.astralinux.ru ([127.0.0.1])
by localhost (rbta-msk-vsrv-mail01.astralinux.ru [127.0.0.1])
(amavisd-new, port 10032)
with ESMTP id YD6YgPiEQKEc; Fri, 13 Jan 2023 16:33:23 +0300 (MSK)
Received: from localhost (localhost [127.0.0.1])
by mail.astralinux.ru (Postfix) with ESMTP id 936301863F94;
Fri, 13 Jan 2023 16:33:23 +0300 (MSK)
X-Virus-Scanned: amavisd-new at astralinux.ru
Received: from mail.astralinux.ru ([127.0.0.1])
by localhost (rbta-msk-vsrv-mail01.astralinux.ru [127.0.0.1])
(amavisd-new, port 10026)
with ESMTP id C0a-tRBm6QT3; Fri, 13 Jan 2023 16:33:23 +0300 (MSK)
Received: from rbta-msk-lt-106062.astralinux.ru (unknown [10.177.20.58])
by mail.astralinux.ru (Postfix) with ESMTPSA id 095ED1863C69;
Fri, 13 Jan 2023 16:33:22 +0300 (MSK)
From: Anastasia Belova <abelova@astralinux.ru>
To: Tomasz Duszynski <tomasz.duszynski@octakon.com>
Cc: Anastasia Belova <abelova@astralinux.ru>,
Jonathan Cameron <jic23@kernel.org>,
Lars-Peter Clausen <lars@metafoo.de>,
Andy Shevchenko <andy.shevchenko@gmail.com>,
linux-iio@vger.kernel.org, linux-kernel@vger.kernel.org,
lvc-project@linuxtesting.org
Subject: [PATCH] iio: chemical: scd30: Add check for NULL in scd30_i2c_command
Date: Fri, 13 Jan 2023 16:33:20 +0300
Message-Id: <20230113133320.7531-1-abelova@astralinux.ru>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE,
SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1754914923867158893?=
X-GMAIL-MSGID: =?utf-8?q?1754914923867158893?=
|
| Series |
iio: chemical: scd30: Add check for NULL in scd30_i2c_command
|
|
Commit Message
Anastasia Belova
Jan. 13, 2023, 1:33 p.m. UTC
Check rsp for NULL-pointer before dereferencing.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: e510190e0139 ("iio: chemical: scd30: add I2C interface driver")
Signed-off-by: Anastasia Belova <abelova@astralinux.ru>
---
drivers/iio/chemical/scd30_i2c.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
Comments
On Fri, Jan 13, 2023 at 3:33 PM Anastasia Belova <abelova@astralinux.ru> wrote: > > Check rsp for NULL-pointer before dereferencing. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. NAK.
On 13.01.2023 16:33, Anastasia Belova wrote: > Check rsp for NULL-pointer before dereferencing. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > Fixes: e510190e0139 ("iio: chemical: scd30: add I2C interface driver") > Signed-off-by: Anastasia Belova <abelova@astralinux.ru> > --- > drivers/iio/chemical/scd30_i2c.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/drivers/iio/chemical/scd30_i2c.c b/drivers/iio/chemical/scd30_i2c.c > index bae479a4721f..84baf67fc0ce 100644 > --- a/drivers/iio/chemical/scd30_i2c.c > +++ b/drivers/iio/chemical/scd30_i2c.c > @@ -101,8 +101,10 @@ static int scd30_i2c_command(struct scd30_state *state, enum scd30_cmd cmd, u16 > return -EIO; > } > > - *rsp++ = buf[i]; > - *rsp++ = buf[i + 1]; > + if (rsp) { > + *rsp++ = buf[i]; > + *rsp++ = buf[i + 1]; > + } > } > > return 0; > It seems it is better to put the whole validation loop under if (rsp) check. -- Alexey
On Fri, Jan 13, 2023 at 8:41 PM Alexey Khoroshilov <khoroshilov@ispras.ru> wrote: > On 13.01.2023 16:33, Anastasia Belova wrote: > It seems it is better to put the whole validation loop under if (rsp) > check. No. The entire patch is redundant. The code that calls this function is under the control of the same driver, so we know how to avoid shooting in our foot.
On 13.01.2023 21:47, Andy Shevchenko wrote: > On Fri, Jan 13, 2023 at 8:41 PM Alexey Khoroshilov > <khoroshilov@ispras.ru> wrote: >> On 13.01.2023 16:33, Anastasia Belova wrote: > >> It seems it is better to put the whole validation loop under if (rsp) >> check. > > No. The entire patch is redundant. > The code that calls this function is under the control of the same > driver, so we know how to avoid shooting in our foot. I see, there is an assumption that response is NULL iff size is zero. May be it could be documented, because naming of arguments does not make such assumption obvious for fresh readers. -- Thank you, Alexey
On Fri, Jan 13, 2023 at 9:27 PM Alexey Khoroshilov <khoroshilov@ispras.ru> wrote: > On 13.01.2023 21:47, Andy Shevchenko wrote: > > On Fri, Jan 13, 2023 at 8:41 PM Alexey Khoroshilov > > <khoroshilov@ispras.ru> wrote: > >> On 13.01.2023 16:33, Anastasia Belova wrote: > > > >> It seems it is better to put the whole validation loop under if (rsp) > >> check. > > > > No. The entire patch is redundant. > > The code that calls this function is under the control of the same > > driver, so we know how to avoid shooting in our foot. > > I see, there is an assumption that response is NULL iff size is zero. Yes. ->read() is called with (NULL, 0) and the code copes with this. A similar situation was discussed recently and Linus T. rejected a proposed change in vsnprintf(). > May be it could be documented, because naming of arguments does not make > such assumption obvious for fresh readers. Documentation improvements are always appreciated!
diff --git a/drivers/iio/chemical/scd30_i2c.c b/drivers/iio/chemical/scd30_i2c.c index bae479a4721f..84baf67fc0ce 100644 --- a/drivers/iio/chemical/scd30_i2c.c +++ b/drivers/iio/chemical/scd30_i2c.c @@ -101,8 +101,10 @@ static int scd30_i2c_command(struct scd30_state *state, enum scd30_cmd cmd, u16 return -EIO; } - *rsp++ = buf[i]; - *rsp++ = buf[i + 1]; + if (rsp) { + *rsp++ = buf[i]; + *rsp++ = buf[i + 1]; + } } return 0;