Re: [PATCH] VMCI: Fix potential NULL pointer dereference when acquiring a lock

From: Greg Kroah-Hartman
Date: Wed Mar 18 2020 - 07:01:14 EST


On Tue, Mar 17, 2020 at 12:36:47AM +0800, Xiyu Yang wrote:
> A NULL pointer can be returned by vmci_ctx_get(). Thus add a
> corresponding check so that a NULL pointer dereference will
> be avoided when acquiring a lock in spin_lock.
>
> Signed-off-by: Xiyu Yang <xiyuyang19@xxxxxxxxxxxx>
> Signed-off-by: Xin Tan <tanxin.ctf@xxxxxxxxx>
> ---
> drivers/misc/vmw_vmci/vmci_context.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/misc/vmw_vmci/vmci_context.c b/drivers/misc/vmw_vmci/vmci_context.c
> index 16695366ec92..a20878fba374 100644
> --- a/drivers/misc/vmw_vmci/vmci_context.c
> +++ b/drivers/misc/vmw_vmci/vmci_context.c
> @@ -898,6 +898,8 @@ void vmci_ctx_rcv_notifications_release(u32 context_id,
> bool success)
> {
> struct vmci_ctx *context = vmci_ctx_get(context_id);
> + if (context == NULL)
> + return;
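Review bot: the new `if (context == NULL)` sits directly after the `struct vmci_ctx *context = vmci_ctx_get(context_id);` declaration with no blank line in between, which checkpatch.pl reports as "Missing a blank line after declarations"; add the blank line, and kernel style prefers `if (!context)` over an explicit comparison to NULL. Beyond style, a bare `return;` silently drops the notifications release for an unknown context_id: if the callers of vmci_ctx_rcv_notifications_release() already hold a reference that keeps the context valid, this check hides a logic error rather than fixing one, so the commit message should explain how the id can go stale between the earlier lookup and this one, or the unexpected case should be made visible (for example with WARN_ON_ONCE()) instead of returning quietly.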

But, if you look at the code, context_id is guaranteed to point to a
valid context, right? Or can this somehow get dropped between the last
"get" and this one?

Anyway, the coding style is wrong here, always run checkpatch.pl on your
patches please.

thanks,

greg k-h