From: Greg KH <gregkh@linuxfoundation.org>
To: Xujun Leng <lengxujun2007@126.com>
Cc: linux-kernel@vger.kernel.org, rafael@kernel.org
Subject: Re: [PATCH] driver core: platform: added arguments check for platform_device_add_resources()
Date: Fri, 10 Mar 2023 08:51:07 +0100 [thread overview]
Message-ID: <ZArha1XDXWV1QVIz@kroah.com> (raw)
In-Reply-To: <20230310065546.22948-1-lengxujun2007@126.com>
On Fri, Mar 10, 2023 at 02:55:46PM +0800, Xujun Leng wrote:
> > On Tue, Mar 07, 2023 at 01:01:16PM +0800, Xujun Leng wrote:
> > > In the follow two cases, platform_device_add_resources() can lead an
> > > invalid address access:
> > > 1) If (!res && num > 0), pdev->resource will be set to NULL but
> > > pdev->num_resources > 0, then a later platform_get_resource() will
> > > cause invalid address access.
> > > 2) If (res && num == 0), because num == 0 cause kmalloc_slab() returns
> > > ZERO_SIZE_PTR, then kmemdup() will copy data to the invalid address
> > > ZERO_SIZE_PTR.
> > >
> > > Signed-off-by: Xujun Leng <lengxujun2007@126.com>
> > > ---
> > > drivers/base/platform.c | 3 +++
> > > 1 file changed, 3 insertions(+)
> > >
> > > diff --git a/drivers/base/platform.c b/drivers/base/platform.c
> > > index 77510e4f47de..a060941c3076 100644
> > > --- a/drivers/base/platform.c
> > > +++ b/drivers/base/platform.c
> > > @@ -606,6 +606,9 @@ int platform_device_add_resources(struct platform_device *pdev,
> > > {
> > > struct resource *r = NULL;
> > >
> > > + if ((!res && num > 0) || (res && num == 0))
> > > + return -EINVAL;
> >
> > What driver is causing this check to fail today? Shouldn't that be
> > fixed instead?
>
> Ok, I got it. It's the caller's responsibility to take care about that.
Maybe, I don't know, which is why I am asking what driver is triggering
this kind of failure. Can you point me at one that causes this so we
can see if this is something that a driver should be catching before it
calls this, or if it is something that this core function should catch
instead?
thanks,
greg k-h
next prev parent reply other threads:[~2023-03-10 7:51 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-07 5:01 [PATCH] driver core: platform: added arguments check for platform_device_add_resources() Xujun Leng
2023-03-09 14:39 ` Greg KH
2023-03-10 6:55 ` Xujun Leng
2023-03-10 7:51 ` Greg KH [this message]
2023-03-10 12:57 ` Xujun Leng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZArha1XDXWV1QVIz@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=lengxujun2007@126.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rafael@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.