Re: [PATCH 0/2] HID: hidraw, fix two NULL pointer dereferences

From: Jiri Slaby
Date: Wed Oct 06 2010 - 06:09:17 EST


On 10/06/2010 12:01 PM, Antonio Ospite wrote:
> On Tue, 05 Oct 2010 23:12:00 +0200
> Jiri Slaby <jirislaby@xxxxxxxxx> wrote:
>
>> On 10/05/2010 05:20 PM, Antonio Ospite wrote:
>>> here are some fixes to hidraw.
>>>
>>> Patches are against 2.6.36-rc6, but they should be ported to other
>>> maintained stable kernels as well.
>>>
>>> Antonio Ospite (2):
>>> HID: hidraw, fix a NULL pointer dereference in hidraw_ioctl
>>> HID: hidraw, fix a NULL pointer dereference in hidraw_write
>>
>> Hi, please fix also the window in hidraw_release.
>>
>
> I am not sure I get what you mean, can you please add more details?

Sure. Look at the code:
	if (!hidraw_table[minor])
		return -ENODEV;
	...
	dev = hidraw_table[minor];
	if (!--dev->open) {
	...

This is done without minors_lock, so you can easily have dev being NULL
despite the first if.

regards,
--
js
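
An added illustration, not part of the message above and not kernel code: a single-threaded userspace C model of the window between the check and the use, with the same logic shown once without and once with the lock held across both. `hidraw_table` and `minors_lock` are named after the message; `struct model_dev`, the table size, the atomic-flag lock helpers, `model_disconnect()` and the `-EFAULT` marker are assumptions made for the model.

```c
#include <errno.h>
#include <stdatomic.h>
#include <stddef.h>
/* Userspace model, not kernel code. hidraw_table and minors_lock are named
 * after the message; everything else is constructed for illustration. */
struct model_dev { int open; };
static struct model_dev *hidraw_table[4];
static atomic_flag minors_lock = ATOMIC_FLAG_INIT;

static void lock_minors(void)    { while (atomic_flag_test_and_set(&minors_lock)) { } }
static int  trylock_minors(void) { return !atomic_flag_test_and_set(&minors_lock); }
static void unlock_minors(void)  { atomic_flag_clear(&minors_lock); }

/* Stand-in for a concurrent path that clears the table entry under
 * minors_lock. Returns 1 if it ran, 0 if it had to back off. */
static int model_disconnect(int minor) {
    if (!trylock_minors())
        return 0;
    hidraw_table[minor] = NULL;
    unlock_minors();
    return 1;
}

/* Check-then-use without the lock. The disconnect is injected into the
 * window; -EFAULT marks where the real code would dereference NULL. */
static int release_unlocked(int minor) {
    struct model_dev *dev;
    if (!hidraw_table[minor])
        return -ENODEV;
    model_disconnect(minor);            /* succeeds inside the window */
    dev = hidraw_table[minor];          /* second read: now NULL */
    if (!dev)
        return -EFAULT;
    --dev->open;
    return 0;
}

/* Same logic with the check and the use inside one critical section. */
static int release_locked(int minor) {
    int ret = -ENODEV;
    lock_minors();
    struct model_dev *dev = hidraw_table[minor];   /* single read under lock */
    if (dev) {
        model_disconnect(minor);        /* backs off: lock is held */
        --dev->open;
        ret = 0;
    }
    unlock_minors();
    return ret;
}
```
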