Re: [PATCH] kconfig: fix potential NULL pointer dereference in conf_askvalue
From: Xingjing Deng
Date: Sun Mar 01 2026 - 00:31:22 EST
Nathan Chancellor <nathan@xxxxxxxxxx> wrote on Fri, Feb 27, 2026 at 04:35:
>
> On Thu, Feb 26, 2026 at 09:25:28AM +0800, Xingjing Deng wrote:
> > Nathan Chancellor <nathan@xxxxxxxxxx> wrote on Thu, Feb 26, 2026 at 03:44:
> > >
> > > On Wed, Feb 25, 2026 at 07:22:46AM +0000, Xingjing Deng wrote:
> > > > In conf_askvalue(), the 'def' argument (retrieved via sym_get_string_value)
> > > > can be NULL. When the symbol is not changeable, the code calls
> > > > printf("%s\n", def), which leads to a segmentation fault on certain
> > > > systems/libc implementations when passing a NULL pointer to %s.
> > >
> > > How do you reproduce this segmentation fault? Surely someone would have
> > > hit this if it were a real problem given the Fixes tag? Or is this a
> > > corner case?
> >
> > I tested printing NULL with printf locally and confirmed that it does
> > cause issues. In my opinion, this problem is more of a corner case—I
> > identified it through static program analysis and have not yet
> > reproduced it in practice.
>
> Thanks for confirming. I think it would be better to make this clearer
> in the commit message because it reads as though the problem is
> reproducible in practice. Also, 'def ?: ""' would do the same thing with
> fewer characters.
>
> Cheers,
> Nathan
OK, I have published v2 now.
Thanks for your reply.