linux-next.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* Re: FW: next-20090724: null pointer dereference from ibm_find_acpi_device
       [not found] <4911F71203A09E4D9981D27F9D8308582EE836AE@orsmsx503.amr.corp.intel.com>
@ 2009-07-27  9:03 ` Lin Ming
  2009-07-30 16:55   ` Thomas Meyer
  0 siblings, 1 reply; 3+ messages in thread
From: Lin Ming @ 2009-07-27  9:03 UTC (permalink / raw)
  To: thomas; +Cc: Moore, Robert, Len Brown, linux-next

Hi, Thomas

Would you please try below patch?

info->hardware_id.string[sizeof(info->hardware_id.length) - 1] = '\0' is
not needed anymore because acpi_get_object_info already handles it.

        /* Allocate a buffer for the HID */

        hid =
            ACPI_ALLOCATE_ZEROED(sizeof(struct acpica_device_id) +
                                 (acpi_size) length);

And it would cause null pointer deference if info->hardware_id.string is
NULL.

So delete it.

diff --git a/drivers/pci/hotplug/acpiphp_ibm.c b/drivers/pci/hotplug/acpiphp_ibm.c
index a9d926b..e7be66d 100644
--- a/drivers/pci/hotplug/acpiphp_ibm.c
+++ b/drivers/pci/hotplug/acpiphp_ibm.c
@@ -406,7 +406,6 @@ static acpi_status __init ibm_find_acpi_device(acpi_handle handle,
 			__func__, status);
 		return retval;
 	}
-	info->hardware_id.string[sizeof(info->hardware_id.length) - 1] = '\0';
 
 	if (info->current_status && (info->valid & ACPI_VALID_HID) &&
 			(!strcmp(info->hardware_id.string, IBM_HARDWARE_ID1) ||


On Mon, 2009-07-27 at 13:09 +0800, Moore, Robert wrote:
> Lin Ming,
> 
> Can you take a look at this?
> 
> Thanks
> Bob
> 
> 
> -----Original Message-----
> From: Thomas Meyer [mailto:thomas@m3y3r.de] 
> Sent: Sunday, July 26, 2009 3:15 AM
> To: Moore, Robert; Brown, Len; linux-next@vger.kernel.org
> Subject: next-20090724: null pointer dereference from ibm_find_acpi_device
> 
> Hi.
> 
> Probably caused by commit fbe8cddd2d85979d273d7937a2b8a47498694d91.
> 
> See attached screenshot.
> 

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: FW: next-20090724: null pointer dereference from ibm_find_acpi_device
  2009-07-27  9:03 ` FW: next-20090724: null pointer dereference from ibm_find_acpi_device Lin Ming
@ 2009-07-30 16:55   ` Thomas Meyer
  2009-08-03  1:17     ` Lin Ming
  0 siblings, 1 reply; 3+ messages in thread
From: Thomas Meyer @ 2009-07-30 16:55 UTC (permalink / raw)
  To: Lin Ming; +Cc: Moore, Robert, Len Brown, linux-next

Am Montag, den 27.07.2009, 17:03 +0800 schrieb Lin Ming: 
> Hi, Thomas
> 
> Would you please try below patch?

Yes. The patch below makes the NULL pointer dereference go away. Is the
hardware_id.string accessibly thru sysfs?

> 
> info->hardware_id.string[sizeof(info->hardware_id.length) - 1] = '\0' is
> not needed anymore because acpi_get_object_info already handles it.
> 
>         /* Allocate a buffer for the HID */
> 
>         hid =
>             ACPI_ALLOCATE_ZEROED(sizeof(struct acpica_device_id) +
>                                  (acpi_size) length);
> 
> And it would cause null pointer deference if info->hardware_id.string is
> NULL.
> 
> So delete it.
> 
> diff --git a/drivers/pci/hotplug/acpiphp_ibm.c b/drivers/pci/hotplug/acpiphp_ibm.c
> index a9d926b..e7be66d 100644
> --- a/drivers/pci/hotplug/acpiphp_ibm.c
> +++ b/drivers/pci/hotplug/acpiphp_ibm.c
> @@ -406,7 +406,6 @@ static acpi_status __init ibm_find_acpi_device(acpi_handle handle,
>  			__func__, status);
>  		return retval;
>  	}
> -	info->hardware_id.string[sizeof(info->hardware_id.length) - 1] = '\0';
>  
>  	if (info->current_status && (info->valid & ACPI_VALID_HID) &&
>  			(!strcmp(info->hardware_id.string, IBM_HARDWARE_ID1) ||
> 
> 
> On Mon, 2009-07-27 at 13:09 +0800, Moore, Robert wrote:
> > Lin Ming,
> > 
> > Can you take a look at this?
> > 
> > Thanks
> > Bob
> > 
> > 
> > -----Original Message-----
> > From: Thomas Meyer [mailto:thomas@m3y3r.de] 
> > Sent: Sunday, July 26, 2009 3:15 AM
> > To: Moore, Robert; Brown, Len; linux-next@vger.kernel.org
> > Subject: next-20090724: null pointer dereference from ibm_find_acpi_device
> > 
> > Hi.
> > 
> > Probably caused by commit fbe8cddd2d85979d273d7937a2b8a47498694d91.
> > 
> > See attached screenshot.
> > 
> 

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: FW: next-20090724: null pointer dereference from ibm_find_acpi_device
  2009-07-30 16:55   ` Thomas Meyer
@ 2009-08-03  1:17     ` Lin Ming
  0 siblings, 0 replies; 3+ messages in thread
From: Lin Ming @ 2009-08-03  1:17 UTC (permalink / raw)
  To: Thomas Meyer; +Cc: Moore, Robert, Brown, Len, linux-next

On Fri, 2009-07-31 at 00:55 +0800, Thomas Meyer wrote:
> Am Montag, den 27.07.2009, 17:03 +0800 schrieb Lin Ming: 
> > Hi, Thomas
> > 
> > Would you please try below patch?
> 
> Yes. The patch below makes the NULL pointer dereference go away. Is the
> hardware_id.string accessibly thru sysfs?

It's shown thru sysfs if it's not NULL.

See acpi_device_setup_files.

static int acpi_device_setup_files(struct acpi_device *dev)
{
 	....

        if (dev->flags.hardware_id) {
                result = device_create_file(&dev->dev, &dev_attr_hid);
                if (result)
                        goto end;
        }

	....
}

Lin Ming

> 
> > 
> > info->hardware_id.string[sizeof(info->hardware_id.length) - 1] = '\0' is
> > not needed anymore because acpi_get_object_info already handles it.
> > 
> >         /* Allocate a buffer for the HID */
> > 
> >         hid =
> >             ACPI_ALLOCATE_ZEROED(sizeof(struct acpica_device_id) +
> >                                  (acpi_size) length);
> > 
> > And it would cause null pointer deference if info->hardware_id.string is
> > NULL.
> > 
> > So delete it.
> > 
> > diff --git a/drivers/pci/hotplug/acpiphp_ibm.c b/drivers/pci/hotplug/acpiphp_ibm.c
> > index a9d926b..e7be66d 100644
> > --- a/drivers/pci/hotplug/acpiphp_ibm.c
> > +++ b/drivers/pci/hotplug/acpiphp_ibm.c
> > @@ -406,7 +406,6 @@ static acpi_status __init ibm_find_acpi_device(acpi_handle handle,
> >  			__func__, status);
> >  		return retval;
> >  	}
> > -	info->hardware_id.string[sizeof(info->hardware_id.length) - 1] = '\0';
> >  
> >  	if (info->current_status && (info->valid & ACPI_VALID_HID) &&
> >  			(!strcmp(info->hardware_id.string, IBM_HARDWARE_ID1) ||
> > 
> > 
> > On Mon, 2009-07-27 at 13:09 +0800, Moore, Robert wrote:
> > > Lin Ming,
> > > 
> > > Can you take a look at this?
> > > 
> > > Thanks
> > > Bob
> > > 
> > > 
> > > -----Original Message-----
> > > From: Thomas Meyer [mailto:thomas@m3y3r.de] 
> > > Sent: Sunday, July 26, 2009 3:15 AM
> > > To: Moore, Robert; Brown, Len; linux-next@vger.kernel.org
> > > Subject: next-20090724: null pointer dereference from ibm_find_acpi_device
> > > 
> > > Hi.
> > > 
> > > Probably caused by commit fbe8cddd2d85979d273d7937a2b8a47498694d91.
> > > 
> > > See attached screenshot.
> > > 
> > 
> 

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-08-03  1:18 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <4911F71203A09E4D9981D27F9D8308582EE836AE@orsmsx503.amr.corp.intel.com>
2009-07-27  9:03 ` FW: next-20090724: null pointer dereference from ibm_find_acpi_device Lin Ming
2009-07-30 16:55   ` Thomas Meyer
2009-08-03  1:17     ` Lin Ming

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).