From: okaya@codeaurora.org
To: Andy Shevchenko <andy.shevchenko@gmail.com>
Cc: Anton Vasilyev <vasilyev@ispras.ru>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Johannes Thumshirn <jthumshirn@suse.de>,
Gaurav Pathak <gauravpathak129@gmail.com>,
Hannes Reinecke <hare@suse.de>,
devel@driverdev.osuosl.org,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
ldv-project@linuxtesting.org
Subject: Re: [PATCH] staging: rts5208: add check on NULL before dereference
Date: Sat, 09 Jun 2018 18:22:56 -0400 [thread overview]
Message-ID: <6358f10997e30da2fe91e75525d14131@codeaurora.org> (raw)
In-Reply-To: <CAHp75VdkDCCJCqBTGsPCzaCKfT_bqYNGDQekvr56U3fhR+uthA@mail.gmail.com>
On 2018-06-09 15:34, Andy Shevchenko wrote:
> On Sat, Jun 9, 2018 at 7:58 PM, <okaya@codeaurora.org> wrote:
>> On 2018-06-09 12:38, Anton Vasilyev wrote:
>>>
>>> If rtsx_probe fails to allocate dev->chip, then NULL pointer
>>> dereference occurs at rtsx_release_resources().
>>>
>>> Patch adds checks chip on NULL before its dereference at
>>> rtsx_release_resources and passing with dereference inside
>>> rtsx_release_chip.
>>>
>>> Found by Linux Driver Verification project (linuxtesting.org).
>
>> I think you should bail out if dev->chip is null rather than adding
>> conditiinals.
>
> I'm wondering if it's false positive. At which circumstances that may
> happen?
Only if dev->chip allocation fails. Code tries to cleanup prior
resources by calling clean_everything() function which ends up in
rtsx_release_resources()
next prev parent reply other threads:[~2018-06-09 22:23 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-09 16:38 [PATCH] staging: rts5208: add check on NULL before dereference Anton Vasilyev
2018-06-09 16:58 ` okaya
2018-06-09 19:34 ` Andy Shevchenko
2018-06-09 22:22 ` okaya [this message]
2018-06-12 13:06 ` Dan Carpenter
2018-06-13 16:55 ` [PATCH v2] " Anton Vasilyev
2018-06-13 17:00 ` Andy Shevchenko
2018-06-13 17:34 ` [PATCH v3] staging: rts5208: add error handling into rtsx_probe Anton Vasilyev
[not found] ` <20180613173128.32384-1-vasilyev@ispras.ru>
2018-06-19 7:42 ` your mail Dan Carpenter
2018-06-19 15:25 ` [PATCH v4] staging: rts5208: add error handling into rtsx_probe Anton Vasilyev
2018-06-19 17:13 ` Andy Shevchenko
2018-08-01 11:55 ` [PATCH v5] " Anton Vasilyev
2018-08-01 12:18 ` Andy Shevchenko
2018-08-01 14:08 ` Anton Vasilyev
2018-08-01 14:52 ` Dan Carpenter
2018-08-01 15:37 ` Andy Shevchenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6358f10997e30da2fe91e75525d14131@codeaurora.org \
--to=okaya@codeaurora.org \
--cc=andy.shevchenko@gmail.com \
--cc=devel@driverdev.osuosl.org \
--cc=gauravpathak129@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=hare@suse.de \
--cc=jthumshirn@suse.de \
--cc=ldv-project@linuxtesting.org \
--cc=linux-kernel@vger.kernel.org \
--cc=vasilyev@ispras.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.