Linux-mm Archive on lore.kernel.org
* Potential NULL pointer deference in mm/memcontrol.c
@ 2019-10-10  4:56 Yizhuo Zhai
  2019-10-10  7:19 ` Michal Hocko
  0 siblings, 1 reply; 2+ messages in thread
From: Yizhuo Zhai @ 2019-10-10  4:56 UTC (permalink / raw)
  To: Johannes Weiner, Michal Hocko, Vladimir Davydov, cgroups,
	linux-mm, linux-kernel, Zhiyun Qian, Chengyu Song

Hi All:
mm/memcontrol.c:
The function mem_cgroup_from_css() could return NULL, but some callers
in this file check the return value but directly dereference it, which
seems potentially unsafe.
Such callers include mem_cgroup_hierarchy_read(),
mem_cgroup_hierarchy_write(), mem_cgroup_read_u64(),
mem_cgroup_reset(), etc.
-- 
Kind Regards,

Yizhuo Zhai

Computer Science, Graduate Student
University of California, Riverside



* Re: Potential NULL pointer deference in mm/memcontrol.c
  2019-10-10  4:56 Potential NULL pointer deference in mm/memcontrol.c Yizhuo Zhai
@ 2019-10-10  7:19 ` Michal Hocko
  0 siblings, 0 replies; 2+ messages in thread
From: Michal Hocko @ 2019-10-10  7:19 UTC (permalink / raw)
  To: Yizhuo Zhai
  Cc: Johannes Weiner, Vladimir Davydov, cgroups, linux-mm,
	linux-kernel, Zhiyun Qian, Chengyu Song

On Wed 09-10-19 21:56:04, Yizhuo Zhai wrote:
> Hi All:
> mm/memcontrol.c:
> The function mem_cgroup_from_css() could return NULL, but some callers

This is the case only when the memory cgroup controller is disabled
which is a boot time option.

> in this file
> checks the return value but directly dereference it, which seems
> potentially unsafe.
> Such callers include mem_cgroup_hierarchy_read(),
> mem_cgroup_hierarchy_write(), mem_cgroup_read_u64(),
> mem_cgroup_reset(), etc.

And none of those should be ever called under that condition AFAICS.

Thanks!
-- 
Michal Hocko
SUSE Labs
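
The pattern discussed in this thread, as an added userspace example (not kernel code and not written by either poster): a NULL-propagating accessor, a handler that dereferences its result directly, and a defensive variant. All type and function names are hypothetical stand-ins, and the dispatcher models the reply's assumption that the handlers are never reached while the controller is disabled.

```c
#include <errno.h>
#include <stddef.h>

/* Userspace model. All type and function names are hypothetical stand-ins. */
#define container_of(ptr, type, member) \
	((type *)((char *)(ptr) - offsetof(type, member)))

struct css_model { int id; };           /* stands in for the css object */
struct memcg_model {                    /* stands in for the memory cgroup */
	int use_hierarchy;
	struct css_model css;               /* embedded at a non-zero offset */
};

/* NULL-propagating accessor: no css (controller disabled) means no memcg. */
static struct memcg_model *memcg_from_css(struct css_model *css)
{
	return css ? container_of(css, struct memcg_model, css) : NULL;
}

/* Handler that dereferences directly; correct only while css is non-NULL. */
static int hierarchy_read(struct css_model *css)
{
	return memcg_from_css(css)->use_hierarchy;
}

/* Defensive variant: a broken invariant becomes an error, not a crash. */
static int hierarchy_read_checked(struct css_model *css, int *out)
{
	struct memcg_model *memcg = memcg_from_css(css);
	if (!memcg)
		return -EINVAL;
	*out = memcg->use_hierarchy;
	return 0;
}

/* Entry point: the handler is reachable only when the controller is on. */
static int dispatch_read(int enabled, struct css_model *css, int *out)
{
	if (!enabled)
		return -ENOENT;                 /* no control file, handler not run */
	*out = hierarchy_read(css);
	return 0;
}

int main(void)
{
	struct memcg_model m = { .use_hierarchy = 1, .css = { .id = 7 } };
	int a = 0, b = 0;
	return dispatch_read(1, &m.css, &a) || hierarchy_read_checked(&m.css, &b) || a != b;
}
```

The direct handler is safe only as long as every path to it passes through a gate like `dispatch_read()`; the checked variant stays safe if a new call path ever bypasses that gate.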


