From: Dan Carpenter <dan.carpenter@oracle.com>
To: Shijith Thotton <sthotton@marvell.com>
Cc: Arnaud Ebalard <arno@natisbad.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
Boris Brezillon <bbrezillon@kernel.org>,
linux-crypto@vger.kernel.org, jerinj@marvell.com,
sgoutham@marvell.com, Srujana Challa <schalla@marvell.com>,
"David S. Miller" <davem@davemloft.net>,
Harman Kalra <hkalra@marvell.com>,
Yang Yingliang <yangyingliang@huawei.com>,
Kees Cook <keescook@chromium.org>,
Jiapeng Chong <jiapeng.chong@linux.alibaba.com>,
open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] crypto: octeontx2: fix potential null pointer access
Date: Fri, 27 May 2022 11:19:28 +0300 [thread overview]
Message-ID: <20220527081928.GO2168@kadam> (raw)
In-Reply-To: <da89ba20819ad3ca6b99f9ef056f2bc1b076dc6d.1653632699.git.sthotton@marvell.com>
On Fri, May 27, 2022 at 01:27:56PM +0530, Shijith Thotton wrote:
> Added missing checks to avoid null pointer dereference.
>
> The patch fixes below issues reported by klocwork tool:
Don't fix false positives to make a tool happy. Fix the tool. (Unless
the patch makes the code simpler, then it's fine).
> 1. Pointer 'pcim_iomap_table(pdev)' returned from call to function
> 'pcim_iomap_table' at line 365 may be NULL and will be dereferenced
> at line 365 in otx2_cptvf_main.c. Also there is a similar error on
> line 734 in otx2_cptpf_main.c.
> 2. Pointer 'strsep( &val, ":" )' returned from call to function 'strsep'
> at line 1608 may be NULL and will be dereferenced at line 1608. Also
> there are 2 similar errors on lines 1620, 1632 in otx2_cptpf_ucode.c.
>
> Signed-off-by: Shijith Thotton <sthotton@marvell.com>
> ---
> .../crypto/marvell/octeontx2/otx2_cptpf_main.c | 9 ++++++++-
> .../marvell/octeontx2/otx2_cptpf_ucode.c | 18 +++++++++++++++---
> .../crypto/marvell/octeontx2/otx2_cptvf_main.c | 9 ++++++++-
> 3 files changed, 31 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/crypto/marvell/octeontx2/otx2_cptpf_main.c b/drivers/crypto/marvell/octeontx2/otx2_cptpf_main.c
> index a402ccfac557..ae57cee424f0 100644
> --- a/drivers/crypto/marvell/octeontx2/otx2_cptpf_main.c
> +++ b/drivers/crypto/marvell/octeontx2/otx2_cptpf_main.c
> @@ -703,6 +703,7 @@ static int otx2_cptpf_probe(struct pci_dev *pdev,
> {
> struct device *dev = &pdev->dev;
> struct otx2_cptpf_dev *cptpf;
> + void __iomem * const *iomap;
> int err;
>
> cptpf = devm_kzalloc(dev, sizeof(*cptpf), GFP_KERNEL);
> @@ -731,7 +732,13 @@ static int otx2_cptpf_probe(struct pci_dev *pdev,
> pci_set_drvdata(pdev, cptpf);
> cptpf->pdev = pdev;
>
> - cptpf->reg_base = pcim_iomap_table(pdev)[PCI_PF_REG_BAR_NUM];
> + iomap = pcim_iomap_table(pdev);
I don't know if a check is required here or not... The comments to
pcim_iomap_table() say it is, "guaranteed to succeed once allocated."
> + if (!iomap) {
> + dev_err(dev, "Failed to get iomap table\n");
> + err = -ENODEV;
> + goto clear_drvdata;
> + }
> + cptpf->reg_base = iomap[PCI_PF_REG_BAR_NUM];
>
> /* Check if AF driver is up, otherwise defer probe */
> err = cpt_is_pf_usable(cptpf);
> diff --git a/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c b/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c
> index 9cba2f714c7e..b91401929fc6 100644
> --- a/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c
> +++ b/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c
> @@ -1605,7 +1605,11 @@ int otx2_cpt_dl_custom_egrp_create(struct otx2_cptpf_dev *cptpf,
> if (!strncasecmp(val, "se", 2) && strchr(val, ':')) {
^^^^^^^^^^^^^^^^
We know it can't be NULL.
> if (has_se || ucode_idx)
> goto err_print;
> - tmp = strim(strsep(&val, ":"));
> + tmp = strsep(&val, ":");
> + if (tmp != NULL)
> + tmp = strim(tmp);
> + else
> + goto err_print;
> if (!val)
> goto err_print;
> if (strlen(tmp) != 2)
The rest is all the same. Likely or definitely false positives.
regards,
dan carpenter
next prev parent reply other threads:[~2022-05-27 8:20 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-27 7:57 [PATCH] crypto: octeontx2: fix potential null pointer access Shijith Thotton
2022-05-27 8:19 ` Dan Carpenter [this message]
2022-05-27 9:40 ` [EXT] " Shijith Thotton
2022-05-27 10:04 ` Dan Carpenter
2022-05-27 11:14 ` Shijith Thotton
2022-05-27 8:23 ` Dan Carpenter
2022-05-27 9:42 ` [EXT] " Shijith Thotton
2022-06-01 8:08 ` [PATCH v2] " Shijith Thotton
2022-06-10 9:16 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220527081928.GO2168@kadam \
--to=dan.carpenter@oracle.com \
--cc=arno@natisbad.org \
--cc=bbrezillon@kernel.org \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=hkalra@marvell.com \
--cc=jerinj@marvell.com \
--cc=jiapeng.chong@linux.alibaba.com \
--cc=keescook@chromium.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=schalla@marvell.com \
--cc=sgoutham@marvell.com \
--cc=sthotton@marvell.com \
--cc=yangyingliang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.