From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from s3.sipsolutions.net ([5.9.151.49]:59065 "EHLO sipsolutions.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933401AbcFMJJE (ORCPT ); Mon, 13 Jun 2016 05:09:04 -0400 Message-ID: <1465808939.2434.1.camel@sipsolutions.net> (sfid-20160613_110909_149836_46A5216E) Subject: Re: [PATCH] ath10k: fix potential null dereference bugs From: Johannes Berg To: Michal Kazior , Bob Copeland Cc: linux-wireless , "ath10k@lists.infradead.org" Date: Mon, 13 Jun 2016 11:08:59 +0200 In-Reply-To: (sfid-20160613_074004_402825_22006851) References: <1465563164-783-1-git-send-email-me@bobcopeland.com> (sfid-20160613_074004_402825_22006851) Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Sender: linux-wireless-owner@vger.kernel.org List-ID: On Mon, 2016-06-13 at 07:39 +0200, Michal Kazior wrote: >  > FWIW all of these are false positives. I think this was already > pointed out some time ago. The drv_priv stuff is merely an offset > (see how ieee80211_vif and ieee80211_sta are defined) and the > according structure is always checked beforehand. > IIRC, doing something like that can (sometimes?) still get you into undefined behaviour territory, so the compiler could potentially "optimize" away the later NULL check. Or am I confusing something? Seems entirely possible :) johannes From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from s3.sipsolutions.net ([5.9.151.49] helo=sipsolutions.net) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1bCNs5-0001BZ-L5 for ath10k@lists.infradead.org; Mon, 13 Jun 2016 09:09:26 +0000 Message-ID: <1465808939.2434.1.camel@sipsolutions.net> Subject: Re: [PATCH] ath10k: fix potential null dereference bugs From: Johannes Berg Date: Mon, 13 Jun 2016 11:08:59 +0200 In-Reply-To: (sfid-20160613_074004_402825_22006851) References: <1465563164-783-1-git-send-email-me@bobcopeland.com> (sfid-20160613_074004_402825_22006851) Mime-Version: 1.0 List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: "ath10k" Errors-To: ath10k-bounces+kvalo=adurom.com@lists.infradead.org To: Michal Kazior , Bob Copeland Cc: linux-wireless , "ath10k@lists.infradead.org" T24gTW9uLCAyMDE2LTA2LTEzIGF0IDA3OjM5ICswMjAwLCBNaWNoYWwgS2F6aW9yIHdyb3RlOgo+ wqAKPiBGV0lXIGFsbCBvZiB0aGVzZSBhcmUgZmFsc2UgcG9zaXRpdmVzLiBJIHRoaW5rIHRoaXMg d2FzIGFscmVhZHkKPiBwb2ludGVkIG91dCBzb21lIHRpbWUgYWdvLiBUaGUgZHJ2X3ByaXYgc3R1 ZmYgaXMgbWVyZWx5IGFuIG9mZnNldAo+IChzZWUgaG93IGllZWU4MDIxMV92aWYgYW5kIGllZWU4 MDIxMV9zdGEgYXJlIGRlZmluZWQpIGFuZCB0aGUKPiBhY2NvcmRpbmcgc3RydWN0dXJlIGlzIGFs d2F5cyBjaGVja2VkIGJlZm9yZWhhbmQuCj4gCgpJSVJDLCBkb2luZyBzb21ldGhpbmcgbGlrZSB0 aGF0IGNhbiAoc29tZXRpbWVzPykgc3RpbGwgZ2V0IHlvdSBpbnRvCnVuZGVmaW5lZCBiZWhhdmlv dXIgdGVycml0b3J5LCBzbyB0aGUgY29tcGlsZXIgY291bGQgcG90ZW50aWFsbHkKIm9wdGltaXpl IiBhd2F5IHRoZSBsYXRlciBOVUxMIGNoZWNrLgoKT3IgYW0gSSBjb25mdXNpbmcgc29tZXRoaW5n PyBTZWVtcyBlbnRpcmVseSBwb3NzaWJsZSA6KQoKam9oYW5uZXMKCl9fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCmF0aDEwayBtYWlsaW5nIGxpc3QKYXRoMTBr QGxpc3RzLmluZnJhZGVhZC5vcmcKaHR0cDovL2xpc3RzLmluZnJhZGVhZC5vcmcvbWFpbG1hbi9s aXN0aW5mby9hdGgxMGsK