Re: [PATCH] kconfig: fix potential NULL pointer dereference in conf_askvalue

From: Nathan Chancellor

Date: Thu Feb 26 2026 - 15:36:20 EST


On Thu, Feb 26, 2026 at 09:25:28AM +0800, Xingjing Deng wrote:
> Nathan Chancellor <nathan@xxxxxxxxxx> wrote on Thu, Feb 26, 2026 at 03:44:
> >
> > On Wed, Feb 25, 2026 at 07:22:46AM +0000, Xingjing Deng wrote:
> > > In conf_askvalue(), the 'def' argument (retrieved via sym_get_string_value)
> > > can be NULL. When the symbol is not changeable, the code calls
> > > printf("%s\n", def), which leads to a segmentation fault on certain
> > > systems/libc implementations when passing a NULL pointer to %s.
> >
> > How do you reproduce this segmentation fault? Surely someone would have
> > hit this if it were a real problem given the Fixes tag? Or is this a
> > corner case?
>
> I tested printing NULL with printf locally and confirmed that it does
> cause issues. In my opinion, this problem is more of a corner case—I
> identified it through static program analysis and have not yet
> reproduced it in practice.

Thanks for confirming. I think it would be better to make this clearer
in the commit message because it reads as though the problem is
reproducible in practice. Also, 'def ?: ""' would do the same thing with
fewer characters.

Cheers,
Nathan
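
To make the hazard under discussion concrete, here is an added C example; it is not kconfig's code and not part of the thread. It mimics the shape of the problem with a constructed symbol table whose lookup can return NULL, the way sym_get_string_value() can hand conf_askvalue() a NULL 'def', and shows the 'def ?: ""' guard Nathan suggests applied before the value reaches a %s conversion. The names demo_sym, demo_syms, lookup_default, safe_default and render_default are assumptions for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a kconfig symbol (not kconfig's struct symbol).
 * A NULL value models the case the patch is about: the string value of an
 * unset symbol coming back as NULL and being used as 'def'. */
struct demo_sym {
    const char *name;
    const char *value;     /* may be NULL */
};

/* Constructed sample table, an assumption for illustration only. */
static const struct demo_sym demo_syms[] = {
    { "ARCH",         "x86" },
    { "LOCALVERSION", NULL  },   /* unset: lookup yields NULL */
};

/* Hypothetical lookup; returns NULL for an unset or unknown symbol. */
static const char *lookup_default(const char *name)
{
    size_t i;

    for (i = 0; i < sizeof(demo_syms) / sizeof(demo_syms[0]); i++)
        if (strcmp(demo_syms[i].name, name) == 0)
            return demo_syms[i].value;
    return NULL;
}

/* The guard under discussion. 'def ?: ""' is the GNU C extension Nathan
 * mentions; it evaluates 'def' once and is equivalent to 'def ? def : ""'. */
static const char *safe_default(const char *def)
{
    return def ?: "";
}

/* Format the default the way a "not changeable" branch would print it, but
 * with NULL substituted first. printf("%s", NULL) is undefined behaviour:
 * glibc happens to print "(null)", other libc implementations can crash,
 * which is the segmentation fault the commit message describes. */
static const char *render_default(char *buf, size_t len, const char *name)
{
    snprintf(buf, len, "%s\n", safe_default(lookup_default(name)));
    return buf;
}

int main(void)
{
    char buf[64];

    fputs(render_default(buf, sizeof buf, "ARCH"), stdout);          /* x86 */
    fputs(render_default(buf, sizeof buf, "LOCALVERSION"), stdout);  /* empty line */
    return 0;
}
```

The substitution has to happen before the pointer reaches the varargs call; checking the result of printf afterwards is too late, since the undefined behaviour has already occurred inside the formatter.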