netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 0/2] delete null dereference
@ 2015-10-17  9:32 Julia Lawall
  2015-10-17  9:32 ` [PATCH 1/2] NFC: " Julia Lawall
  0 siblings, 1 reply; 4+ messages in thread
From: Julia Lawall @ 2015-10-17  9:32 UTC (permalink / raw)
  To: netdev; +Cc: kernel-janitors, linux-wireless, linux-kernel, linux-media

These patches delete NULL dereferences, as detected by
scripts/coccinelle/null/deref_null.cocci.

---

 drivers/media/pci/netup_unidvb/netup_unidvb_spi.c |    6 ++----
 net/nfc/netlink.c                                 |    6 ++----
 2 files changed, 4 insertions(+), 8 deletions(-)

^ permalink raw reply	[flat|nested] 4+ messages in thread
* [PATCH 1/2] NFC: delete null dereference
  2015-10-17  9:32 [PATCH 0/2] delete null dereference Julia Lawall
@ 2015-10-17  9:32 ` Julia Lawall
  2015-10-19 12:57   ` Dan Carpenter
  2015-10-20  4:50   ` Samuel Ortiz
  0 siblings, 2 replies; 4+ messages in thread
From: Julia Lawall @ 2015-10-17  9:32 UTC (permalink / raw)
  To: Lauro Ramos Venancio
  Cc: kernel-janitors, Aloisio Almeida Jr, Samuel Ortiz,
	David S. Miller, linux-wireless, netdev, linux-kernel

The exit label performs device_unlock(&dev->dev);, which will fail when dev
is NULL, and nfc_put_device(dev);, which is not useful when dev is NULL, so
just exit the function immediately.

Problem found using scripts/coccinelle/null/deref_null.cocci

Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>

---
 net/nfc/netlink.c |    6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/net/nfc/netlink.c b/net/nfc/netlink.c
index 853172c..f040532 100644
--- a/net/nfc/netlink.c
+++ b/net/nfc/netlink.c
@@ -1109,10 +1109,8 @@ static int nfc_genl_llc_sdreq(struct sk_buff *skb, struct genl_info *info)
 	idx = nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]);
 
 	dev = nfc_get_device(idx);
-	if (!dev) {
-		rc = -ENODEV;
-		goto exit;
-	}
+	if (!dev)
+		return -ENODEV;
 
 	device_lock(&dev->dev);
 


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] NFC: delete null dereference
  2015-10-17  9:32 ` [PATCH 1/2] NFC: " Julia Lawall
@ 2015-10-19 12:57   ` Dan Carpenter
  2015-10-20  4:50   ` Samuel Ortiz
  1 sibling, 0 replies; 4+ messages in thread
From: Dan Carpenter @ 2015-10-19 12:57 UTC (permalink / raw)
  To: Julia Lawall
  Cc: Lauro Ramos Venancio, kernel-janitors, Aloisio Almeida Jr,
	Samuel Ortiz, David S. Miller, linux-wireless, netdev,
	linux-kernel

The next goto after that is messed up as well:

  1056          dev = nfc_get_device(idx);
  1057          if (!dev)
  1058                  return -ENODEV;
  1059  
  1060          device_lock(&dev->dev);
  1061  
  1062          local = nfc_llcp_find_local(dev);
  1063          if (!local) {
  1064                  nfc_put_device(dev);

It should not call nfc_put_device() because that happens after goto
exit.

  1065                  rc = -ENODEV;
  1066                  goto exit;
  1067          }

regards,
dan carpenter

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] NFC: delete null dereference
  2015-10-17  9:32 ` [PATCH 1/2] NFC: " Julia Lawall
  2015-10-19 12:57   ` Dan Carpenter
@ 2015-10-20  4:50   ` Samuel Ortiz
  1 sibling, 0 replies; 4+ messages in thread
From: Samuel Ortiz @ 2015-10-20  4:50 UTC (permalink / raw)
  To: Julia Lawall
  Cc: Lauro Ramos Venancio, kernel-janitors, Aloisio Almeida Jr,
	David S. Miller, linux-wireless, netdev, linux-kernel

Hi Julia,

On Sat, Oct 17, 2015 at 11:32:19AM +0200, Julia Lawall wrote:
> The exit label performs device_unlock(&dev->dev);, which will fail when dev
> is NULL, and nfc_put_device(dev);, which is not useful when dev is NULL, so
> just exit the function immediately.
> 
> Problem found using scripts/coccinelle/null/deref_null.cocci
> 
> Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
> 
> ---
>  net/nfc/netlink.c |    6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
Applied to nfc-next, thanks.

Cheers,
Samuel.

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-10-20  4:50 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-10-17  9:32 [PATCH 0/2] delete null dereference Julia Lawall
2015-10-17  9:32 ` [PATCH 1/2] NFC: " Julia Lawall
2015-10-19 12:57   ` Dan Carpenter
2015-10-20  4:50   ` Samuel Ortiz

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).