* Potential NULL pointer deference in iwlwifi: mvm
@ 2019-10-10 5:02 Yizhuo Zhai
0 siblings, 0 replies; 3+ messages in thread
From: Yizhuo Zhai @ 2019-10-10 5:02 UTC (permalink / raw)
To: Johannes Berg, Emmanuel Grumbach, Luca Coelho,
Intel Linux Wireless, Kalle Valo, David S. Miller,
Avigail Grinstein, Haim Dreyfuss, linux-wireless, netdev,
linux-kernel
Hi All:
drivers/net/wireless/intel/iwlwifi/mvm/power.c:
The function iwl_mvm_vif_from_mac80211() could return NULL,
but some callers in this file does not check the return value while
directly dereference it, which seems potentially unsafe.
Such callers include iwl_mvm_update_d0i3_power_mode(),
iwl_mvm_power_configure_uapsd(),
iwl_mvm_power_allow_uapsd(), etc.
--
Kind Regards,
Yizhuo Zhai
Computer Science, Graduate Student
University of California, Riverside
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Potential NULL pointer deference in iwlwifi: mvm
2019-10-07 19:19 Yizhuo Zhai
@ 2019-10-07 19:21 ` Johannes Berg
0 siblings, 0 replies; 3+ messages in thread
From: Johannes Berg @ 2019-10-07 19:21 UTC (permalink / raw)
To: Yizhuo Zhai, Emmanuel Grumbach, Luca Coelho,
Intel Linux Wireless, Kalle Valo, Ayala Beker,
Shahar S Matityahu, Sara Sharon, linux-wireless, netdev,
linux-kernel, Zhiyun Qian, Chengyu Song
On Mon, 2019-10-07 at 12:19 -0700, Yizhuo Zhai wrote:
> Hi All:
>
> drivers/net/wireless/intel/iwlwifi/mvm/scan.c:
>
> Inside function iwl_mvm_power_ps_disabled_iterator(),
> iwl_mvm_vif_from_mac80211()
> could return NULL
No, it can not.
Whatever tool you've used to find this - you should fix it.
johannes
^ permalink raw reply [flat|nested] 3+ messages in thread
* Potential NULL pointer deference in iwlwifi: mvm
@ 2019-10-07 19:19 Yizhuo Zhai
2019-10-07 19:21 ` Johannes Berg
0 siblings, 1 reply; 3+ messages in thread
From: Yizhuo Zhai @ 2019-10-07 19:19 UTC (permalink / raw)
To: Johannes Berg, Emmanuel Grumbach, Luca Coelho,
Intel Linux Wireless, Kalle Valo, Ayala Beker,
Shahar S Matityahu, Sara Sharon, linux-wireless, netdev,
linux-kernel, Zhiyun Qian, Chengyu Song
Hi All:
drivers/net/wireless/intel/iwlwifi/mvm/scan.c:
Inside function iwl_mvm_power_ps_disabled_iterator(),
iwl_mvm_vif_from_mac80211()
could return NULL,however, the return value of
iwl_mvm_vif_from_mac80211() is not checked and get
used. This could potentially be unsafe.
--
Kind Regards,
Yizhuo Zhai
Computer Science, Graduate Student
University of California, Riverside
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-10-10 5:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-10 5:02 Potential NULL pointer deference in iwlwifi: mvm Yizhuo Zhai
-- strict thread matches above, loose matches on Subject: below --
2019-10-07 19:19 Yizhuo Zhai
2019-10-07 19:21 ` Johannes Berg
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).