LKML Archive on lore.kernel.org
* Re: [PATCH] drivers/block/drbd: add NULL test around call to crypto_free_hash
  2011-01-31 17:51 [PATCH] drivers/block/drbd: add NULL test around call to crypto_free_hash Julia Lawall
@ 2011-01-31 17:39 ` walter harms
  2011-01-31 17:44   ` Julia Lawall
  0 siblings, 1 reply; 3+ messages in thread
From: walter harms @ 2011-01-31 17:39 UTC
  To: Julia Lawall; +Cc: Lars Ellenberg, kernel-janitors, drbd-user, linux-kernel



On 31.01.2011 18:51, Julia Lawall wrote:
> crypto_free_hash calls the function crypto_hash_tfm and then
> crypto_free_tfm on the result.  crypto_free_tfm calls crypto_destroy_tfm,
> which tests this result for NULL and then dereferences it.  crypto_hash_tfm
> returns &tfm->base where tfm is its argument.  base is actually the first
> and only field of a crypto_hash-typed structure, so perhaps one can rely on
> it to return NULL for a NULL value of tfm.  But most calls to
> crypto_hash_tfm where the argument might be NULL don't rely on this
> property and test for NULL explicitly.
> 
> The semantic match that finds this problem is as follows:
> (http://coccinelle.lip6.fr/)
> 
> // <smpl>
> @safe@
> position p;
> expression x;
> @@
> 
> if (x) { <+... crypto_free_hash@p(x) ...+> }
> 
> @@
> expression x;
> position p!=safe.p;
> @@
> 
> *x = NULL
> ...
> *crypto_free_hash@p(x)
> // </smpl>
> 
> Signed-off-by: Julia Lawall <julia@diku.dk>
> 
> ---
>  drivers/block/drbd/drbd_nl.c       |   18 ++++++++++++------
>  drivers/block/drbd/drbd_receiver.c |    6 ++++--
>  2 files changed, 16 insertions(+), 8 deletions(-)
> 
> diff --git a/drivers/block/drbd/drbd_nl.c b/drivers/block/drbd/drbd_nl.c
> index 8cbfaa6..aa5fbc0 100644
> --- a/drivers/block/drbd/drbd_nl.c
> +++ b/drivers/block/drbd/drbd_nl.c
> @@ -1482,13 +1482,16 @@ static int drbd_nl_net_conf(struct drbd_conf *mdev, struct drbd_nl_cfg_req *nlp,
>  		mdev->ee_hash = new_ee_hash;
>  	}
>  
> -	crypto_free_hash(mdev->cram_hmac_tfm);
> +	if (mdev->cram_hmac_tfm)
> +		crypto_free_hash(mdev->cram_hmac_tfm);
>  	mdev->cram_hmac_tfm = tfm;
>  
> -	crypto_free_hash(mdev->integrity_w_tfm);
> +	if (mdev->integrity_w_tfm)
> +		crypto_free_hash(mdev->integrity_w_tfm);
>  	mdev->integrity_w_tfm = integrity_w_tfm;
>  
> -	crypto_free_hash(mdev->integrity_r_tfm);
> +	if (mdev->integrity_r_tfm)
> +		crypto_free_hash(mdev->integrity_r_tfm);
>  	mdev->integrity_r_tfm = integrity_r_tfm;
>  
>  	kfree(mdev->int_dig_out);
> @@ -1509,9 +1512,12 @@ fail:
>  	kfree(int_dig_out);
>  	kfree(int_dig_in);
>  	kfree(int_dig_vv);
> -	crypto_free_hash(tfm);
> -	crypto_free_hash(integrity_w_tfm);
> -	crypto_free_hash(integrity_r_tfm);
> +	if (tfm)
> +		crypto_free_hash(tfm);
> +	if (integrity_w_tfm)
> +		crypto_free_hash(integrity_w_tfm);
> +	if (integrity_r_tfm)
> +		crypto_free_hash(integrity_r_tfm);
>  	kfree(new_tl_hash);
>  	kfree(new_ee_hash);
>  	kfree(new_conf);
> diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
> index 24487d4..3453cc3 100644
> --- a/drivers/block/drbd/drbd_receiver.c
> +++ b/drivers/block/drbd/drbd_receiver.c
> @@ -2871,9 +2871,11 @@ static int receive_SyncParam(struct drbd_conf *mdev, enum drbd_packets cmd, unsi
>  disconnect:
>  	/* just for completeness: actually not needed,
>  	 * as this is not reached if csums_tfm was ok. */
> -	crypto_free_hash(csums_tfm);
> +	if (csums_tfm)
> +		crypto_free_hash(csums_tfm);
>  	/* but free the verify_tfm again, if csums_tfm did not work out */
> -	crypto_free_hash(verify_tfm);
> +	if (verify_tfm)
> +		crypto_free_hash(verify_tfm);
>  	drbd_force_state(mdev, NS(conn, C_DISCONNECTING));
>  	return FALSE;
>  }
> 

It looks like it would be more sensible to change crypto_free_hash() to handle
NULL; that would be more consistent with the free() family.

just my 2 cents,
re,
 wh
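
The offset-0 assumption from the commit message and the NULL-tolerant free suggested in the reply above, as an added example that is not part of the thread or the kernel source. The struct and function names are stand-ins, and `&h->base` is modelled as "pointer plus member offset".

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-in types, not the kernel's definitions. */
struct tfm { int refs; };

struct hash_first  { struct tfm base; };             /* base at offset 0 */
struct hash_padded { long flags; struct tfm base; }; /* base at offset > 0 */

/* Model of "return &h->base": the address is h plus the member offset. */
static struct tfm *base_of(void *h, size_t off)
{
	return (struct tfm *)((uintptr_t)h + off);
}

/* Model of a destroy routine that tests for NULL before dereferencing.
 * Returns 1 if it would go on to dereference t, 0 if it returns early. */
static int destroy_would_deref(struct tfm *t)
{
	return t != NULL;
}

/* Unguarded free: whether NULL is caught depends on the member offset. */
static int free_unguarded(void *h, size_t off)
{
	return destroy_would_deref(base_of(h, off));
}

/* NULL-tolerant free, in the style of the free() family. */
static int free_null_ok(void *h, size_t off)
{
	if (!h)
		return 0;
	return destroy_would_deref(base_of(h, off));
}

int main(void)
{
	size_t o0 = offsetof(struct hash_first, base);
	size_t o1 = offsetof(struct hash_padded, base);

	printf("offset %zu, NULL, unguarded: deref=%d\n", o0, free_unguarded(NULL, o0));
	printf("offset %zu, NULL, unguarded: deref=%d\n", o1, free_unguarded(NULL, o1));
	printf("offset %zu, NULL, guarded:   deref=%d\n", o1, free_null_ok(NULL, o1));
	return 0;
}
```

With the member at offset 0 the callee's NULL test happens to catch a NULL argument; once any field precedes it, the derived pointer is non-NULL and only a test on the original argument helps.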




* Re: [PATCH] drivers/block/drbd: add NULL test around call to crypto_free_hash
  2011-01-31 17:39 ` walter harms
@ 2011-01-31 17:44   ` Julia Lawall
  0 siblings, 0 replies; 3+ messages in thread
From: Julia Lawall @ 2011-01-31 17:44 UTC
  To: walter harms; +Cc: Lars Ellenberg, kernel-janitors, drbd-user, linux-kernel

On Mon, 31 Jan 2011, walter harms wrote:

> 
> 
> On 31.01.2011 18:51, Julia Lawall wrote:
> > crypto_free_hash calls the function crypto_hash_tfm and then
> > crypto_free_tfm on the result.  crypto_free_tfm calls crypto_destroy_tfm,
> > which tests this result for NULL and then dereferences it.  crypto_hash_tfm
> > returns &tfm->base where tfm is its argument.  base is actually the first
> > and only field of a crypto_hash-typed structure, so perhaps one can rely on
> > it to return NULL for a NULL value of tfm.  But most calls to
> > crypto_hash_tfm where the argument might be NULL don't rely on this
> > property and test for NULL explicitly.
> > 
> > The semantic match that finds this problem is as follows:
> > (http://coccinelle.lip6.fr/)
> > 
> > // <smpl>
> > @safe@
> > position p;
> > expression x;
> > @@
> > 
> > if (x) { <+... crypto_free_hash@p(x) ...+> }
> > 
> > @@
> > expression x;
> > position p!=safe.p;
> > @@
> > 
> > *x = NULL
> > ...
> > *crypto_free_hash@p(x)
> > // </smpl>
> > 
> > Signed-off-by: Julia Lawall <julia@diku.dk>
> > 
> > ---
> >  drivers/block/drbd/drbd_nl.c       |   18 ++++++++++++------
> >  drivers/block/drbd/drbd_receiver.c |    6 ++++--
> >  2 files changed, 16 insertions(+), 8 deletions(-)
> > 
> > diff --git a/drivers/block/drbd/drbd_nl.c b/drivers/block/drbd/drbd_nl.c
> > index 8cbfaa6..aa5fbc0 100644
> > --- a/drivers/block/drbd/drbd_nl.c
> > +++ b/drivers/block/drbd/drbd_nl.c
> > @@ -1482,13 +1482,16 @@ static int drbd_nl_net_conf(struct drbd_conf *mdev, struct drbd_nl_cfg_req *nlp,
> >  		mdev->ee_hash = new_ee_hash;
> >  	}
> >  
> > -	crypto_free_hash(mdev->cram_hmac_tfm);
> > +	if (mdev->cram_hmac_tfm)
> > +		crypto_free_hash(mdev->cram_hmac_tfm);
> >  	mdev->cram_hmac_tfm = tfm;
> >  
> > -	crypto_free_hash(mdev->integrity_w_tfm);
> > +	if (mdev->integrity_w_tfm)
> > +		crypto_free_hash(mdev->integrity_w_tfm);
> >  	mdev->integrity_w_tfm = integrity_w_tfm;
> >  
> > -	crypto_free_hash(mdev->integrity_r_tfm);
> > +	if (mdev->integrity_r_tfm)
> > +		crypto_free_hash(mdev->integrity_r_tfm);
> >  	mdev->integrity_r_tfm = integrity_r_tfm;
> >  
> >  	kfree(mdev->int_dig_out);
> > @@ -1509,9 +1512,12 @@ fail:
> >  	kfree(int_dig_out);
> >  	kfree(int_dig_in);
> >  	kfree(int_dig_vv);
> > -	crypto_free_hash(tfm);
> > -	crypto_free_hash(integrity_w_tfm);
> > -	crypto_free_hash(integrity_r_tfm);
> > +	if (tfm)
> > +		crypto_free_hash(tfm);
> > +	if (integrity_w_tfm)
> > +		crypto_free_hash(integrity_w_tfm);
> > +	if (integrity_r_tfm)
> > +		crypto_free_hash(integrity_r_tfm);
> >  	kfree(new_tl_hash);
> >  	kfree(new_ee_hash);
> >  	kfree(new_conf);
> > diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
> > index 24487d4..3453cc3 100644
> > --- a/drivers/block/drbd/drbd_receiver.c
> > +++ b/drivers/block/drbd/drbd_receiver.c
> > @@ -2871,9 +2871,11 @@ static int receive_SyncParam(struct drbd_conf *mdev, enum drbd_packets cmd, unsi
> >  disconnect:
> >  	/* just for completeness: actually not needed,
> >  	 * as this is not reached if csums_tfm was ok. */
> > -	crypto_free_hash(csums_tfm);
> > +	if (csums_tfm)
> > +		crypto_free_hash(csums_tfm);
> >  	/* but free the verify_tfm again, if csums_tfm did not work out */
> > -	crypto_free_hash(verify_tfm);
> > +	if (verify_tfm)
> > +		crypto_free_hash(verify_tfm);
> >  	drbd_force_state(mdev, NS(conn, C_DISCONNECTING));
> >  	return FALSE;
> >  }
> > 
> 
> It looks like it would be more sensible to change crypto_free_hash() to handle
> NULL; that would be more consistent with the free() family.

That was the other option...

julia


* [PATCH] drivers/block/drbd: add NULL test around call to crypto_free_hash
@ 2011-01-31 17:51 Julia Lawall
  2011-01-31 17:39 ` walter harms
  0 siblings, 1 reply; 3+ messages in thread
From: Julia Lawall @ 2011-01-31 17:51 UTC
  To: Lars Ellenberg; +Cc: kernel-janitors, drbd-user, linux-kernel

crypto_free_hash calls the function crypto_hash_tfm and then
crypto_free_tfm on the result.  crypto_free_tfm calls crypto_destroy_tfm,
which tests this result for NULL and then dereferences it.  crypto_hash_tfm
returns &tfm->base where tfm is its argument.  base is actually the first
and only field of a crypto_hash-typed structure, so perhaps one can rely on
it to return NULL for a NULL value of tfm.  But most calls to
crypto_hash_tfm where the argument might be NULL don't rely on this
property and test for NULL explicitly.

The semantic match that finds this problem is as follows:
(http://coccinelle.lip6.fr/)

// <smpl>
@safe@
position p;
expression x;
@@

if (x) { <+... crypto_free_hash@p(x) ...+> }

@@
expression x;
position p!=safe.p;
@@

*x = NULL
...
*crypto_free_hash@p(x)
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>

---
 drivers/block/drbd/drbd_nl.c       |   18 ++++++++++++------
 drivers/block/drbd/drbd_receiver.c |    6 ++++--
 2 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/drivers/block/drbd/drbd_nl.c b/drivers/block/drbd/drbd_nl.c
index 8cbfaa6..aa5fbc0 100644
--- a/drivers/block/drbd/drbd_nl.c
+++ b/drivers/block/drbd/drbd_nl.c
@@ -1482,13 +1482,16 @@ static int drbd_nl_net_conf(struct drbd_conf *mdev, struct drbd_nl_cfg_req *nlp,
 		mdev->ee_hash = new_ee_hash;
 	}
 
-	crypto_free_hash(mdev->cram_hmac_tfm);
+	if (mdev->cram_hmac_tfm)
+		crypto_free_hash(mdev->cram_hmac_tfm);
 	mdev->cram_hmac_tfm = tfm;
 
-	crypto_free_hash(mdev->integrity_w_tfm);
+	if (mdev->integrity_w_tfm)
+		crypto_free_hash(mdev->integrity_w_tfm);
 	mdev->integrity_w_tfm = integrity_w_tfm;
 
-	crypto_free_hash(mdev->integrity_r_tfm);
+	if (mdev->integrity_r_tfm)
+		crypto_free_hash(mdev->integrity_r_tfm);
 	mdev->integrity_r_tfm = integrity_r_tfm;
 
 	kfree(mdev->int_dig_out);
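
Review bot: the three guards added before the assignments to mdev->cram_hmac_tfm, mdev->integrity_w_tfm and mdev->integrity_r_tfm open-code the same `if (x) crypto_free_hash(x);` test at each call site, while the changelog says crypto_destroy_tfm already tests its argument for NULL and that base is the first and only field of the structure. If the explicit test is wanted, placing it once inside crypto_free_hash() or in a small drbd helper would cover these sites and any later callers. The changelog should also say whether this fixes an observed oops or is a robustness change.
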
@@ -1509,9 +1512,12 @@ fail:
 	kfree(int_dig_out);
 	kfree(int_dig_in);
 	kfree(int_dig_vv);
-	crypto_free_hash(tfm);
-	crypto_free_hash(integrity_w_tfm);
-	crypto_free_hash(integrity_r_tfm);
+	if (tfm)
+		crypto_free_hash(tfm);
+	if (integrity_w_tfm)
+		crypto_free_hash(integrity_w_tfm);
+	if (integrity_r_tfm)
+		crypto_free_hash(integrity_r_tfm);
 	kfree(new_tl_hash);
 	kfree(new_ee_hash);
 	kfree(new_conf);
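
Review bot: in the fail: path the new `if (tfm)`, `if (integrity_w_tfm)` and `if (integrity_r_tfm)` tests sit between unguarded kfree() calls, and the hunk does not show what these locals hold after a failed allocation. The tests only help if failure leaves them NULL; if any of them can still carry an error-pointer value when control reaches fail:, the guard passes and the free runs anyway. Please confirm, and state in the changelog, that they are reset to NULL before the jump to fail:.
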
diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
index 24487d4..3453cc3 100644
--- a/drivers/block/drbd/drbd_receiver.c
+++ b/drivers/block/drbd/drbd_receiver.c
@@ -2871,9 +2871,11 @@ static int receive_SyncParam(struct drbd_conf *mdev, enum drbd_packets cmd, unsi
 disconnect:
 	/* just for completeness: actually not needed,
 	 * as this is not reached if csums_tfm was ok. */
-	crypto_free_hash(csums_tfm);
+	if (csums_tfm)
+		crypto_free_hash(csums_tfm);
 	/* but free the verify_tfm again, if csums_tfm did not work out */
-	crypto_free_hash(verify_tfm);
+	if (verify_tfm)
+		crypto_free_hash(verify_tfm);
 	drbd_force_state(mdev, NS(conn, C_DISCONNECTING));
 	return FALSE;
 }
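
Review bot: the comment above the csums_tfm free in the disconnect: path says the call is "actually not needed, as this is not reached if csums_tfm was ok", so after this change the line is a guarded call that its own comment describes as unnecessary. Either drop the csums_tfm free or update the comment to say which values csums_tfm can have at this label. The verify_tfm guard below it matches its comment and can stay.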


