* [PATCH] PM / devfreq: Fix potential NULL pointer dereference in governor_store @ 2017-12-06 20:20 ` Gustavo A. R. Silva 2017-12-07 1:24 ` Chanwoo Choi [not found] ` <CGME20171206202020epcas3p4fe9a9fb5346f2d413199ed71d1d0f19f@epcms1p4> 0 siblings, 2 replies; 5+ messages in thread From: Gustavo A. R. Silva @ 2017-12-06 20:20 UTC (permalink / raw) To: MyungJoo Ham, Kyungmin Park, Chanwoo Choi Cc: linux-pm, linux-kernel, Gustavo A. R. Silva df->governor is being dereferenced before it is null checked, hence there is a potential null pointer dereference. Notice that df->governor is being null checked at line 1004: if (df->governor) {, which implies it might be null. Fix this by null checking df->governor before dereferencing it. Addresses-Coverity-ID: 1401988 ("Dereference before null check") Fixes: bcf23c79c4e4 ("PM / devfreq: Fix available_governor sysfs") Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com> --- drivers/devfreq/devfreq.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/devfreq/devfreq.c b/drivers/devfreq/devfreq.c index 78fb496..14fe76b 100644 --- a/drivers/devfreq/devfreq.c +++ b/drivers/devfreq/devfreq.c @@ -996,7 +996,8 @@ static ssize_t governor_store(struct device *dev, struct device_attribute *attr, if (df->governor == governor) { ret = 0; goto out; - } else if (df->governor->immutable || governor->immutable) { + } else if ((df->governor && df->governor->immutable) || + governor->immutable) { ret = -EINVAL; goto out; } -- 2.7.4 ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] PM / devfreq: Fix potential NULL pointer dereference in governor_store 2017-12-06 20:20 ` [PATCH] PM / devfreq: Fix potential NULL pointer dereference in governor_store Gustavo A. R. Silva @ 2017-12-07 1:24 ` Chanwoo Choi 2017-12-07 23:56 ` Gustavo A. R. Silva [not found] ` <CGME20171206202020epcas3p4fe9a9fb5346f2d413199ed71d1d0f19f@epcms1p4> 1 sibling, 1 reply; 5+ messages in thread From: Chanwoo Choi @ 2017-12-07 1:24 UTC (permalink / raw) To: Gustavo A. R. Silva, MyungJoo Ham, Kyungmin Park; +Cc: linux-pm, linux-kernel On 2017년 12월 07일 05:20, Gustavo A. R. Silva wrote: > df->governor is being dereferenced before it is null checked, > hence there is a potential null pointer dereference. > > Notice that df->governor is being null checked at line 1004: > if (df->governor) {, which implies it might be null. > > Fix this by null checking df->governor before dereferencing it. > > Addresses-Coverity-ID: 1401988 ("Dereference before null check") > Fixes: bcf23c79c4e4 ("PM / devfreq: Fix available_governor sysfs") > Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com> > --- > drivers/devfreq/devfreq.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/devfreq/devfreq.c b/drivers/devfreq/devfreq.c > index 78fb496..14fe76b 100644 > --- a/drivers/devfreq/devfreq.c > +++ b/drivers/devfreq/devfreq.c > @@ -996,7 +996,8 @@ static ssize_t governor_store(struct device *dev, struct device_attribute *attr, > if (df->governor == governor) { > ret = 0; > goto out; > - } else if (df->governor->immutable || governor->immutable) { > + } else if ((df->governor && df->governor->immutable) || > + governor->immutable) { > ret = -EINVAL; > goto out; > } > Actually, df->governor would be never NULL because devfreq_add_device() initializes the ->governor always. But, governor_store() doesn't know it. So, looks good to me. Reviewed-by: Chanwoo Choi <cw00.choi@samsung.com> -- Best Regards, Chanwoo Choi Samsung Electronics ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] PM / devfreq: Fix potential NULL pointer dereference in governor_store 2017-12-07 1:24 ` Chanwoo Choi @ 2017-12-07 23:56 ` Gustavo A. R. Silva 0 siblings, 0 replies; 5+ messages in thread From: Gustavo A. R. Silva @ 2017-12-07 23:56 UTC (permalink / raw) To: Chanwoo Choi; +Cc: MyungJoo Ham, Kyungmin Park, linux-pm, linux-kernel Hi Chanwoo, Quoting Chanwoo Choi <cw00.choi@samsung.com>: > On 2017년 12월 07일 05:20, Gustavo A. R. Silva wrote: >> df->governor is being dereferenced before it is null checked, >> hence there is a potential null pointer dereference. >> >> Notice that df->governor is being null checked at line 1004: >> if (df->governor) {, which implies it might be null. >> >> Fix this by null checking df->governor before dereferencing it. >> >> Addresses-Coverity-ID: 1401988 ("Dereference before null check") >> Fixes: bcf23c79c4e4 ("PM / devfreq: Fix available_governor sysfs") >> Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com> >> --- >> drivers/devfreq/devfreq.c | 3 ++- >> 1 file changed, 2 insertions(+), 1 deletion(-) >> >> diff --git a/drivers/devfreq/devfreq.c b/drivers/devfreq/devfreq.c >> index 78fb496..14fe76b 100644 >> --- a/drivers/devfreq/devfreq.c >> +++ b/drivers/devfreq/devfreq.c >> @@ -996,7 +996,8 @@ static ssize_t governor_store(struct device >> *dev, struct device_attribute *attr, >> if (df->governor == governor) { >> ret = 0; >> goto out; >> - } else if (df->governor->immutable || governor->immutable) { >> + } else if ((df->governor && df->governor->immutable) || >> + governor->immutable) { >> ret = -EINVAL; >> goto out; >> } >> > > Actually, df->governor would be never NULL because devfreq_add_device() > initializes the ->governor always. But, governor_store() doesn't know it. > I got it. > So, looks good to me. > Reviewed-by: Chanwoo Choi <cw00.choi@samsung.com> > Thank you -- Gustavo A. R. Silva ^ permalink raw reply [flat|nested] 5+ messages in thread
[parent not found: <CGME20171206202020epcas3p4fe9a9fb5346f2d413199ed71d1d0f19f@epcms1p4>]
* RE: [PATCH] PM / devfreq: Fix potential NULL pointer dereference in governor_store [not found] ` <CGME20171206202020epcas3p4fe9a9fb5346f2d413199ed71d1d0f19f@epcms1p4> @ 2017-12-07 2:41 ` MyungJoo Ham 2017-12-07 23:57 ` Gustavo A. R. Silva 0 siblings, 1 reply; 5+ messages in thread From: MyungJoo Ham @ 2017-12-07 2:41 UTC (permalink / raw) To: Kyungmin Park, Chanwoo Choi; +Cc: linux-pm, linux-kernel, Gustavo A. R. Silva > df->governor is being dereferenced before it is null checked, > hence there is a potential null pointer dereference. > > Notice that df->governor is being null checked at line 1004: > if (df->governor) {, which implies it might be null. > > Fix this by null checking df->governor before dereferencing it. > > Addresses-Coverity-ID: 1401988 ("Dereference before null check") > Fixes: bcf23c79c4e4 ("PM / devfreq: Fix available_governor sysfs") > Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com> Acked-by: MyungJoo Ham <myungjoo.ham@samsung.com> Cheers, MyungJoo > --- > drivers/devfreq/devfreq.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/devfreq/devfreq.c b/drivers/devfreq/devfreq.c > index 78fb496..14fe76b 100644 ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] PM / devfreq: Fix potential NULL pointer dereference in governor_store 2017-12-07 2:41 ` MyungJoo Ham @ 2017-12-07 23:57 ` Gustavo A. R. Silva 0 siblings, 0 replies; 5+ messages in thread From: Gustavo A. R. Silva @ 2017-12-07 23:57 UTC (permalink / raw) To: MyungJoo Ham; +Cc: Kyungmin Park, Chanwoo Choi, linux-pm, linux-kernel Quoting MyungJoo Ham <myungjoo.ham@samsung.com>: >> df->governor is being dereferenced before it is null checked, >> hence there is a potential null pointer dereference. >> >> Notice that df->governor is being null checked at line 1004: >> if (df->governor) {, which implies it might be null. >> >> Fix this by null checking df->governor before dereferencing it. >> >> Addresses-Coverity-ID: 1401988 ("Dereference before null check") >> Fixes: bcf23c79c4e4 ("PM / devfreq: Fix available_governor sysfs") >> Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com> > > Acked-by: MyungJoo Ham <myungjoo.ham@samsung.com> > Thank you, MyungJoo -- Gustavo A. R. Silva ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2017-12-07 23:57 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <CGME20171206202028epcas2p44920d43cbde12943ed978b1e6d192ba5@epcas2p4.samsung.com> 2017-12-06 20:20 ` [PATCH] PM / devfreq: Fix potential NULL pointer dereference in governor_store Gustavo A. R. Silva 2017-12-07 1:24 ` Chanwoo Choi 2017-12-07 23:56 ` Gustavo A. R. Silva [not found] ` <CGME20171206202020epcas3p4fe9a9fb5346f2d413199ed71d1d0f19f@epcms1p4> 2017-12-07 2:41 ` MyungJoo Ham 2017-12-07 23:57 ` Gustavo A. R. Silva
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.