LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
* [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference
@ 2015-01-29 18:59 Rickard Strandqvist
2015-02-02 16:51 ` Sudip Mukherjee
2015-02-05 12:27 ` Dan Carpenter
0 siblings, 2 replies; 9+ messages in thread
From: Rickard Strandqvist @ 2015-01-29 18:59 UTC (permalink / raw)
To: Greg Kroah-Hartman, Peter P Waskiewicz Jr
Cc: Rickard Strandqvist, Antoine Schweitzer-Chaput, Ana Rey,
Chaitanya Hazarey, Koray Gulcu, Greg Donald, devel, linux-kernel
Fix a possible null pointer dereference, there is
otherwise a risk of a possible null pointer dereference.
This was found using a static code analysis program called cppcheck
Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
---
drivers/staging/rtl8192u/r8192U_core.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl8192u/r8192U_core.c
index e031a25..4a29237 100644
--- a/drivers/staging/rtl8192u/r8192U_core.c
+++ b/drivers/staging/rtl8192u/r8192U_core.c
@@ -4476,11 +4476,11 @@ static void query_rxdesc_status(struct sk_buff *skb,
/* for debug 2008.5.29 */
- //added by vivi, for MP, 20080108
- stats->RxIs40MHzPacket = driver_info->BW;
- if (stats->RxDrvInfoSize != 0)
+ if (driver_info && stats->RxDrvInfoSize != 0) {
+ //added by vivi, for MP, 20080108
+ stats->RxIs40MHzPacket = driver_info->BW;
TranslateRxSignalStuff819xUsb(skb, stats, driver_info);
-
+ }
}
static void rtl8192_rx_nomal(struct sk_buff *skb)
--
1.7.10.4
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference
2015-01-29 18:59 [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference Rickard Strandqvist
@ 2015-02-02 16:51 ` Sudip Mukherjee
2015-02-04 20:05 ` Rickard Strandqvist
2015-02-05 12:27 ` Dan Carpenter
1 sibling, 1 reply; 9+ messages in thread
From: Sudip Mukherjee @ 2015-02-02 16:51 UTC (permalink / raw)
To: Rickard Strandqvist
Cc: Greg Kroah-Hartman, Peter P Waskiewicz Jr,
Antoine Schweitzer-Chaput, Ana Rey, Chaitanya Hazarey,
Koray Gulcu, Greg Donald, devel, linux-kernel
On Thu, Jan 29, 2015 at 07:59:12PM +0100, Rickard Strandqvist wrote:
> Fix a possible null pointer dereference, there is
> otherwise a risk of a possible null pointer dereference.
>
> This was found using a static code analysis program called cppcheck
>
> Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
> ---
> drivers/staging/rtl8192u/r8192U_core.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl8192u/r8192U_core.c
> index e031a25..4a29237 100644
> --- a/drivers/staging/rtl8192u/r8192U_core.c
> +++ b/drivers/staging/rtl8192u/r8192U_core.c
> @@ -4476,11 +4476,11 @@ static void query_rxdesc_status(struct sk_buff *skb,
>
> /* for debug 2008.5.29 */
>
> - //added by vivi, for MP, 20080108
> - stats->RxIs40MHzPacket = driver_info->BW;
> - if (stats->RxDrvInfoSize != 0)
> + if (driver_info && stats->RxDrvInfoSize != 0) {
> + //added by vivi, for MP, 20080108
> + stats->RxIs40MHzPacket = driver_info->BW;
> TranslateRxSignalStuff819xUsb(skb, stats, driver_info);
> -
> + }
but isn't the logic getting changed here?
regards
sudip
> }
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference
2015-02-02 16:51 ` Sudip Mukherjee
@ 2015-02-04 20:05 ` Rickard Strandqvist
0 siblings, 0 replies; 9+ messages in thread
From: Rickard Strandqvist @ 2015-02-04 20:05 UTC (permalink / raw)
To: Sudip Mukherjee
Cc: Greg Kroah-Hartman, Peter P Waskiewicz Jr,
Antoine Schweitzer-Chaput, Ana Rey, Chaitanya Hazarey,
Koray Gulcu, Greg Donald, devel, Linux Kernel Mailing List
2015-02-02 17:51 GMT+01:00 Sudip Mukherjee <sudipm.mukherjee@gmail.com>:
> On Thu, Jan 29, 2015 at 07:59:12PM +0100, Rickard Strandqvist wrote:
>> Fix a possible null pointer dereference, there is
>> otherwise a risk of a possible null pointer dereference.
>>
>> This was found using a static code analysis program called cppcheck
>>
>> Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
>> ---
>> drivers/staging/rtl8192u/r8192U_core.c | 8 ++++----
>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>
>> diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl8192u/r8192U_core.c
>> index e031a25..4a29237 100644
>> --- a/drivers/staging/rtl8192u/r8192U_core.c
>> +++ b/drivers/staging/rtl8192u/r8192U_core.c
>> @@ -4476,11 +4476,11 @@ static void query_rxdesc_status(struct sk_buff *skb,
>>
>> /* for debug 2008.5.29 */
>>
>> - //added by vivi, for MP, 20080108
>> - stats->RxIs40MHzPacket = driver_info->BW;
>> - if (stats->RxDrvInfoSize != 0)
>> + if (driver_info && stats->RxDrvInfoSize != 0) {
>> + //added by vivi, for MP, 20080108
>> + stats->RxIs40MHzPacket = driver_info->BW;
>> TranslateRxSignalStuff819xUsb(skb, stats, driver_info);
>> -
>> + }
> but isn't the logic getting changed here?
>
> regards
> sudip
>
>> }
Hi Sudip
Yes partly, but that's too ensure that driver_info is not null.
Se
call TranslateRxSignalStuff819xUsb()
->
call rtl8192_query_rxphystatus()
Where driver_info is pdrvinfo, and is used as:
pdrvinfo->RxHT && pdrvinfo->RxRate
and more.
Or perhaps change in rtl8192_query_rxphystatus() instead?
Kind regards
Rickard Strandqvist
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference
2015-01-29 18:59 [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference Rickard Strandqvist
2015-02-02 16:51 ` Sudip Mukherjee
@ 2015-02-05 12:27 ` Dan Carpenter
2015-02-05 12:43 ` Sudip Mukherjee
1 sibling, 1 reply; 9+ messages in thread
From: Dan Carpenter @ 2015-02-05 12:27 UTC (permalink / raw)
To: Rickard Strandqvist
Cc: Greg Kroah-Hartman, Peter P Waskiewicz Jr, devel,
Chaitanya Hazarey, linux-kernel, Greg Donald, Koray Gulcu
I don't know if this patch was merged before Greg cleaned out his inbox.
It's a good patch if you could just clean it up a bit.
On Thu, Jan 29, 2015 at 07:59:12PM +0100, Rickard Strandqvist wrote:
> Fix a possible null pointer dereference, there is
> otherwise a risk of a possible null pointer dereference.
The change log should say that "driver_info" is the NULL pointer. It
should say that by default stats->RxIs40MHzPacket is zero (as opposed to
uninitialized memory).
>
> This was found using a static code analysis program called cppcheck
>
> Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
> ---
> drivers/staging/rtl8192u/r8192U_core.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl8192u/r8192U_core.c
> index e031a25..4a29237 100644
> --- a/drivers/staging/rtl8192u/r8192U_core.c
> +++ b/drivers/staging/rtl8192u/r8192U_core.c
> @@ -4476,11 +4476,11 @@ static void query_rxdesc_status(struct sk_buff *skb,
>
> /* for debug 2008.5.29 */
>
> - //added by vivi, for MP, 20080108
> - stats->RxIs40MHzPacket = driver_info->BW;
> - if (stats->RxDrvInfoSize != 0)
> + if (driver_info && stats->RxDrvInfoSize != 0) {
> + //added by vivi, for MP, 20080108
Delete these kinds of comments, please.
> + stats->RxIs40MHzPacket = driver_info->BW;
> TranslateRxSignalStuff819xUsb(skb, stats, driver_info);
> -
> + }
regards,
dan carpenter
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference
2015-02-05 12:27 ` Dan Carpenter
@ 2015-02-05 12:43 ` Sudip Mukherjee
2015-02-05 12:51 ` Dan Carpenter
0 siblings, 1 reply; 9+ messages in thread
From: Sudip Mukherjee @ 2015-02-05 12:43 UTC (permalink / raw)
To: Dan Carpenter
Cc: Rickard Strandqvist, Greg Kroah-Hartman, Peter P Waskiewicz Jr,
devel, Chaitanya Hazarey, linux-kernel, Greg Donald, Koray Gulcu
On Thu, Feb 05, 2015 at 03:27:45PM +0300, Dan Carpenter wrote:
> I don't know if this patch was merged before Greg cleaned out his inbox.
>
> It's a good patch if you could just clean it up a bit.
>
> On Thu, Jan 29, 2015 at 07:59:12PM +0100, Rickard Strandqvist wrote:
> > Fix a possible null pointer dereference, there is
> > otherwise a risk of a possible null pointer dereference.
>
> The change log should say that "driver_info" is the NULL pointer. It
> should say that by default stats->RxIs40MHzPacket is zero (as opposed to
> uninitialized memory).
>
> >
<snip>
> > +++ b/drivers/staging/rtl8192u/r8192U_core.c
> > @@ -4476,11 +4476,11 @@ static void query_rxdesc_status(struct sk_buff *skb,
> >
> > /* for debug 2008.5.29 */
> >
> > - //added by vivi, for MP, 20080108
> > - stats->RxIs40MHzPacket = driver_info->BW;
> > - if (stats->RxDrvInfoSize != 0)
> > + if (driver_info && stats->RxDrvInfoSize != 0) {
> > + //added by vivi, for MP, 20080108
>
> Delete these kinds of comments, please.
>
>
> > + stats->RxIs40MHzPacket = driver_info->BW;
> > TranslateRxSignalStuff819xUsb(skb, stats, driver_info);
> > -
> > + }
but in the present form the logic is changing. can you please check the following idea -
if (driver_info) {
stats->RxIs40MHzPacket = driver_info->BW;
if (stats->RxDrvInfoSize != 0)
TranslateRxSignalStuff819xUsb(skb, stats, driver_info);
}
regards
sudip
>
> regards,
> dan carpenter
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference
2015-02-05 12:43 ` Sudip Mukherjee
@ 2015-02-05 12:51 ` Dan Carpenter
2015-02-05 17:39 ` Rickard Strandqvist
0 siblings, 1 reply; 9+ messages in thread
From: Dan Carpenter @ 2015-02-05 12:51 UTC (permalink / raw)
To: Sudip Mukherjee
Cc: devel, Rickard Strandqvist, Chaitanya Hazarey,
Greg Kroah-Hartman, Peter P Waskiewicz Jr, linux-kernel,
Greg Donald, Koray Gulcu
On Thu, Feb 05, 2015 at 06:13:22PM +0530, Sudip Mukherjee wrote:
> if (driver_info) {
> stats->RxIs40MHzPacket = driver_info->BW;
> if (stats->RxDrvInfoSize != 0)
> TranslateRxSignalStuff819xUsb(skb, stats, driver_info);
> }
If driver_info is non-NULL then stats->RxDrvInfoSize is not zero and
also the reverse. So really you only need to test one.
regards,
dan carpenter
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference
2015-02-05 12:51 ` Dan Carpenter
@ 2015-02-05 17:39 ` Rickard Strandqvist
2015-02-06 14:32 ` Sudip Mukherjee
0 siblings, 1 reply; 9+ messages in thread
From: Rickard Strandqvist @ 2015-02-05 17:39 UTC (permalink / raw)
To: Dan Carpenter
Cc: Sudip Mukherjee, devel, Chaitanya Hazarey, Greg Kroah-Hartman,
Peter P Waskiewicz Jr, Linux Kernel Mailing List, Greg Donald,
Koray Gulcu
2015-02-05 13:51 GMT+01:00 Dan Carpenter <dan.carpenter@oracle.com>:
> On Thu, Feb 05, 2015 at 06:13:22PM +0530, Sudip Mukherjee wrote:
>> if (driver_info) {
>> stats->RxIs40MHzPacket = driver_info->BW;
>> if (stats->RxDrvInfoSize != 0)
>> TranslateRxSignalStuff819xUsb(skb, stats, driver_info);
>> }
>
> If driver_info is non-NULL then stats->RxDrvInfoSize is not zero and
> also the reverse. So really you only need to test one.
>
> regards,
> dan carpenter
>
True Dan
Okay, I'll make one last patch then, or if you want to do it Sudip?
Have you not done before Saturday I do it.
Kind regards
Rickard Strandqvist
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference
2015-02-05 17:39 ` Rickard Strandqvist
@ 2015-02-06 14:32 ` Sudip Mukherjee
2015-02-07 13:04 ` Rickard Strandqvist
0 siblings, 1 reply; 9+ messages in thread
From: Sudip Mukherjee @ 2015-02-06 14:32 UTC (permalink / raw)
To: Rickard Strandqvist
Cc: Dan Carpenter, devel, Chaitanya Hazarey, Greg Kroah-Hartman,
Peter P Waskiewicz Jr, Linux Kernel Mailing List, Greg Donald,
Koray Gulcu
On Thu, Feb 05, 2015 at 06:39:13PM +0100, Rickard Strandqvist wrote:
> 2015-02-05 13:51 GMT+01:00 Dan Carpenter <dan.carpenter@oracle.com>:
> > On Thu, Feb 05, 2015 at 06:13:22PM +0530, Sudip Mukherjee wrote:
> >> if (driver_info) {
> >> stats->RxIs40MHzPacket = driver_info->BW;
> >> if (stats->RxDrvInfoSize != 0)
> >> TranslateRxSignalStuff819xUsb(skb, stats, driver_info);
> >> }
> >
> > If driver_info is non-NULL then stats->RxDrvInfoSize is not zero and
> > also the reverse. So really you only need to test one.
> >
> > regards,
> > dan carpenter
> >
>
> True Dan
>
> Okay, I'll make one last patch then, or if you want to do it Sudip?
> Have you not done before Saturday I do it.
no, its yours. you found it so credit should be yours.
I am sure Greg will accept this one. If he drops then maybe I can re-send with you as Reported-by
regards
Sudip
>
> Kind regards
> Rickard Strandqvist
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference
2015-02-06 14:32 ` Sudip Mukherjee
@ 2015-02-07 13:04 ` Rickard Strandqvist
0 siblings, 0 replies; 9+ messages in thread
From: Rickard Strandqvist @ 2015-02-07 13:04 UTC (permalink / raw)
To: Sudip Mukherjee
Cc: Dan Carpenter, devel, Chaitanya Hazarey, Greg Kroah-Hartman,
Peter P Waskiewicz Jr, Linux Kernel Mailing List, Greg Donald,
Koray Gulcu
2015-02-06 15:32 GMT+01:00 Sudip Mukherjee <sudipm.mukherjee@gmail.com>:
> On Thu, Feb 05, 2015 at 06:39:13PM +0100, Rickard Strandqvist wrote:
>> 2015-02-05 13:51 GMT+01:00 Dan Carpenter <dan.carpenter@oracle.com>:
>> > On Thu, Feb 05, 2015 at 06:13:22PM +0530, Sudip Mukherjee wrote:
>> >> if (driver_info) {
>> >> stats->RxIs40MHzPacket = driver_info->BW;
>> >> if (stats->RxDrvInfoSize != 0)
>> >> TranslateRxSignalStuff819xUsb(skb, stats, driver_info);
>> >> }
>> >
>> > If driver_info is non-NULL then stats->RxDrvInfoSize is not zero and
>> > also the reverse. So really you only need to test one.
>> >
>> > regards,
>> > dan carpenter
>> >
>>
>> True Dan
>>
>> Okay, I'll make one last patch then, or if you want to do it Sudip?
>> Have you not done before Saturday I do it.
> no, its yours. you found it so credit should be yours.
> I am sure Greg will accept this one. If he drops then maybe I can re-send with you as Reported-by
>
> regards
> Sudip
>
>>
>> Kind regards
>> Rickard Strandqvist
Thanks Sudip :)
And after checking some more, I agree with Dan cleaner to only use
if(driver_info)
New patch coming soon.
Kind regards
Rickard Strandqvist
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2015-02-07 13:05 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-01-29 18:59 [PATCH v2] staging: rtl8192u: r8192U_core: Fix for possible null pointer dereference Rickard Strandqvist
2015-02-02 16:51 ` Sudip Mukherjee
2015-02-04 20:05 ` Rickard Strandqvist
2015-02-05 12:27 ` Dan Carpenter
2015-02-05 12:43 ` Sudip Mukherjee
2015-02-05 12:51 ` Dan Carpenter
2015-02-05 17:39 ` Rickard Strandqvist
2015-02-06 14:32 ` Sudip Mukherjee
2015-02-07 13:04 ` Rickard Strandqvist
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).