Re: [PATCH] net: 9p: Fix possible null-pointer dereferences in p9_cm_event_handler()

From: Dominique Martinet
Date: Tue Sep 03 2019 - 06:55:42 EST


Jia-Ju,

Dominique Martinet wrote on Wed, Jul 24, 2019:
> Jia-Ju Bai wrote on Wed, Jul 24, 2019:
> > In p9_cm_event_handler(), there is an if statement on 260 to check
> > whether rdma is NULL, which indicates that rdma can be NULL.
> > If so, using rdma->xxx may cause a possible null-pointer dereference.
>
> The final dereference (complete(&rdma->cm_done) line 285) has been here
> from the start, so we would have seen crashes by now if rdma could be
> null at this point.
>
> Let's do it the other way around and remove the useless "if (rdma)" that
> has been here from day 1 instead; I basically did the same with
> c->status a few months ago (from a Coverity report)...

Did you get anywhere with this, or should I submit a new patch myself?
In the latter case I'll tag this as Reported-by you

Thanks,
--
Dominique