From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Alan Stern <stern@rowland.harvard.edu>
Cc: Valery Zabrovsky <valthebrewer@yandex.ru>,
    Guo Zhengkui <guozhengkui@vivo.com>,
    Aaro Koskinen <aaro.koskinen@iki.fi>,
    Mian Yousaf Kaukab <yousaf.kaukab@intel.com>,
    Felipe Balbi <balbi@ti.com>,
    Alexey Khoroshilov <khoroshilov@ispras.ru>,
    linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org,
    lvc-project@linuxtesting.org
Subject: Re: [PATCH] usb: gadget: net2280: fix NULL pointer dereference
Date: Thu, 16 Mar 2023 20:05:38 +0100
Message-ID: <ZBNogj/To3j5OiQK@kroah.com>
In-Reply-To: <2be27aee-1a2d-4c5c-bb62-018e1340d2ad@rowland.harvard.edu>

On Thu, Mar 16, 2023 at 02:22:35PM -0400, Alan Stern wrote:
> On Thu, Mar 16, 2023 at 05:19:35PM +0100, Greg Kroah-Hartman wrote:
> > On Thu, Mar 16, 2023 at 06:53:55PM +0300, Valery Zabrovsky wrote:
> > > In net2280_free_request():
> > > If _ep is NULL, then ep is NULL and is dereferenced
> > > while trying to produce an error message.
> >
> > How can that ever happen? How did you test and hit this?
> >
> > > The patch replaces dev_err() with pr_err() which works fine.
> >
> > That's not a good idea for driver code to use, sorry.
> >
> > > Found by Linux Verification Center (linuxtesting.org) with SVACE.
> >
> > As I have said before, your testing framework needs a lot more work.
> >
> > good luck!
>
> In situations like this, it might be better to remove the check
> entirely. If a driver does pass a NULL pointer, it will lead to an
> invalid pointer dereference which will certainly cause an oops and might
> very well crash the system. That would be a lot more noticeable than an
> error message hidden in a kernel log!
>
> Greg, is there any general policy about the need for sanity checks such
> as this one? Like, don't put them in whenever a failure would lead
> to an immediate fault which would be easy to track down?

That's the policy, no need to check if a caller is abusing the code and
will find out instantly. Otherwise we end up checking on every
function, and that way lies madness.

thanks,
greg k-h
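
Added example, not part of the original thread and not the net2280 driver's code: a userspace C model of the pattern the report describes, where the NULL guard's own error path reads through the pointer it just found NULL, next to the no-guard alternative raised in the reply. All struct and function names are hypothetical, and the model assumes the embedded endpoint is the first member of its container so the container_of-style conversion maps NULL to NULL; each call runs in a child process so the fault can be observed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Userspace model; all names are hypothetical, not the net2280 source. */
struct usb_ep_m { const char *name; };
struct ctrl_m { const char *label; };
struct ep_m { struct usb_ep_m ep; struct ctrl_m *dev; }; /* assumed: ep at offset 0, so NULL maps to NULL */
#define to_ep_m(p) ((struct ep_m *)((uintptr_t)(p) - offsetof(struct ep_m, ep)))

static struct ctrl_m sample_ctrl = { "model0" }; /* constructed sample data */
static struct ep_m sample_ep = { { "ep-a" }, &sample_ctrl };
static int sample_req; /* stands in for a request object */

/* Reported pattern: the guard's own error path reads through ep. */
static int free_req_guarded(struct usb_ep_m *_ep, void *_req)
{
    struct ep_m *volatile ep = to_ep_m(_ep);
    if (!_ep || !_req) {
        fprintf(stderr, "%s: bad args\n", ep->dev->label); /* faults when !_ep */
        return -1;
    }
    return 0;
}

/* Alternative raised in the thread: no guard, a NULL _ep faults at first use. */
static int free_req_unchecked(struct usb_ep_m *_ep, void *_req)
{
    struct ep_m *volatile ep = to_ep_m(_ep);
    (void)_req;
    return ep->dev->label[0] ? 0 : -1;
}

enum { RET_OK, RET_ERR, FAULTED, NO_CHILD };
/* Call fn in a child process so a fault there cannot take down the caller. */
static int probe(int (*fn)(struct usb_ep_m *, void *), struct usb_ep_m *e, void *r)
{
    int st;
    pid_t pid = fork();
    if (pid == 0) _exit(fn(e, r) == 0 ? 0 : 42);
    if (pid < 0 || waitpid(pid, &st, 0) != pid) return NO_CHILD;
    if (!WIFEXITED(st)) return FAULTED; /* killed by a signal such as SIGSEGV */
    return WEXITSTATUS(st) == 0 ? RET_OK : WEXITSTATUS(st) == 42 ? RET_ERR : FAULTED;
}

int main(void)
{
    printf("NULL _ep: guarded=%d unchecked=%d (FAULTED=%d)\n", probe(free_req_guarded, NULL, &sample_req), probe(free_req_unchecked, NULL, &sample_req), FAULTED);
    return 0;
}
```

In this model the guard only reports cleanly when _req alone is NULL; with a NULL _ep both variants end in the same fault.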