Re: [v1] usb:gadget:legacy:nokia :- Check for NULL in nokia_bind_config

From: Michal Nazarewicz
Date: Fri Dec 09 2016 - 09:59:27 EST

Next message: Arnaldo Carvalho de Melo: "Re: [PATCHv3 perf/core 6/7] samples/bpf: Remove perf_event_open() declaration"
Previous message: Michal Nazarewicz: "[PATCH] =3D?UTF-8?q?usb:=3D20function:=3D20make=3D20sure=3D20usb= =3D?UTF-8?q?nction*=3D20functions=3D20don=3DE2=3D80=3D99t=3D20returen=3D20="
In reply to: Arvind Yadav: "[v1] usb:gadget:legacy:nokia :- Check for NULL in nokia_bind_config"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Dec 08 2016, Arvind Yadav wrote:
> Here, f_acm,f_ecm and f_msg needs to be checked for being NULL
> in nokia_bind_config() before calling usb_add_function(),
> otherwise kernel can run into a NULL-pointer dereference.
>
> f_phonet, f_obex1 and f_obex2 need to be checked for NULL
> in nokia_bind_config() to print proper debug information.
>
> Signed-off-by: Arvind Yadav <arvind.yadav.cs@xxxxxxxxx>

Is this something youâve encountered? As far as I can see, NULL is
never returned from usb_get_function. Itâs always an error pointer.

In fact, if usb_get_function returns NULL, then the null pointer
dereference happens *inside* of the function so checking it outside is
too late.

If we even want to worry about it, this needs to be done in functions.c:

----------- >8 ---------------------------------------------------------

Next message: Arnaldo Carvalho de Melo: "Re: [PATCHv3 perf/core 6/7] samples/bpf: Remove perf_event_open() declaration"
Previous message: Michal Nazarewicz: "[PATCH] =3D?UTF-8?q?usb:=3D20function:=3D20make=3D20sure=3D20usb= =3D?UTF-8?q?nction*=3D20functions=3D20don=3DE2=3D80=3D99t=3D20returen=3D20="
In reply to: Arvind Yadav: "[v1] usb:gadget:legacy:nokia :- Check for NULL in nokia_bind_config"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]