Re: [PATCH v3] ssb: Fix potential NULL pointer dereference in ssb_device_uevent

[Rand Deeb]

On Wed, Mar 6, 2024 at 10:51 PM Jonas Gorski <jonas.gorski@xxxxxxxxx> wrote:
>
> Hi
>
> The NULL check is what needs to be fixed/removed, not the code
> surrounding it. This function will be called from dev_uevent() [1]
> where dev cannot be NULL. So a NULL dereference cannot happen.
>
> Most other implementors of bus_type::uevent have no NULL check. To be
> precise, there is only one other implementor with a NULL check,
> rio_uevent(), and none of the other ones have one. See e.g.
> bcma_device_uevent(), memstick_uevent(), mips_cdmm_uevent(), or
> fsl_mc_bus_uevent().


Hi Jonas,

Thank you for the feedback. To be precise there are actually 8 other 
implementors (and potentially more) with a NULL check not just one 
(parisc_uevent, serio_uevent, ipack_uevent, pci_uevent, pcmcia_bus_uevent, 
rio_uevent, zorro_uevent, and soundbus_ueven).

After a second review, I totally concur with your observations. I quickly 
judged, I believed there might be an alternative way to call the function 
because it's not the only one with a null check, and actually the patch 
version 1 got accknowleded, that's why i'm confused. 

Given that null is improbable in this context due to the calls being made 
through uevent, we should eliminate the redundant condition. In light of 
this, would you recommend sending a new version (v4) of the patch with the 
correct title and info, or do you think it would be more appropriate to 
submit an entirely fresh patch? i'll also send patches to all of the 
implementors.

Best regards.