Re: [PATCH] Convert BUG_ON to WARN_ON in bond_options.c

From: Michael J Dilmore
Date: Wed Jun 21 2017 - 18:27:54 EST

Next message: Thomas Gleixner: "Re: [patch 0/7] x86/pci: Switch to lockless ECAM configuration mode"
Previous message: Guenter Roeck: "Re: rtc: ds3232: add temperature support"
In reply to: David Miller: "Re: [PATCH] Convert BUG_ON to WARN_ON in bond_options.c"
Next in thread: Jay Vosburgh: "Re: [PATCH] Convert BUG_ON to WARN_ON in bond_options.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 21/06/17 22:56, David Miller wrote:

From: Michael D <michael.j.dilmore@xxxxxxxxx>
Date: Wed, 21 Jun 2017 22:41:07 +0100

I don't think you can stop it being dereferenced... you just need to
prevent an attacker from exploiting the null pointer dereference
vulnerability right? And this is done by returning the function right
away?

What's all of this about an "attacker"?

If there is a bug, we dererence a NULL pointer, and we should
fix that bug.

The BUG_ON() helps us see where the problem is while at the
same time stopping the kernel before the NULL deref happens.

Ok this is starting to make sense now - went a bit off track but think my general thinking is ok - i.e. if we return the function with an error code before the dereference then this basically does the same thing as BUG_ON but without crashing the kernel.

Something like:

if (WARN_ON(!new_active_slave) {
netdev_dbg("Can't add new active slave - pointer null");
return ERROR_CODE
}

Next message: Thomas Gleixner: "Re: [patch 0/7] x86/pci: Switch to lockless ECAM configuration mode"
Previous message: Guenter Roeck: "Re: rtc: ds3232: add temperature support"
In reply to: David Miller: "Re: [PATCH] Convert BUG_ON to WARN_ON in bond_options.c"
Next in thread: Jay Vosburgh: "Re: [PATCH] Convert BUG_ON to WARN_ON in bond_options.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]