From: Kenji Kaneshige <kaneshige.kenji@jp.fujitsu.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: izumi <izumi2005@soft.fujitsu.com>,
linux-kernel@vger.kernel.org, linux-serial@vger.kernel.org,
Russell King <rmk@arm.linux.org.uk>
Subject: Re: [PATCH][BUG] Fix possible NULL pointer access in 8250 serial driver
Date: Wed, 18 Apr 2007 17:21:53 +0900 [thread overview]
Message-ID: <1176884513.3945.54.camel@kane-linux> (raw)
In-Reply-To: <20070416225206.cf7d8cd2.akpm@linux-foundation.org>
> I'd imagine that other serial drivers might get upset having their
> ->get_mcrtl() called prior to being opened. Perhaps we should be fixing
> this in uart_read_proc()?
>
I looked at other serial drivers and I could not find any other
drivers which accesses port->info in their ->get_mctrl(). This
is why we fix this problem in 8250 driver. But if there is a
possibility that other drivers accesses port->info in their
->get_mctrl(), we should be fixing this in uart_read_proc(), as
you said.
How about the following patch? We've also confirmed the problem
is fixed by it.
Thanks,
Kenji Kaneshige
This patch fixes the problem that uninitialized (NULL) 'info' member
of uart_port structure can be accessed if serial driver is accessed
through /proc filesystem before uart_open(), which initializes the
'info' member', is called.
Signed-off-by: Kenji Kaneshige <kaneshige.kenji@jp.fujitsu.com>
Signed-off-by: Taku Izumi <izumi2005@soft.fujitsu.com>
---
drivers/serial/serial_core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: linux-2.6.21-rc5/drivers/serial/serial_core.c
===================================================================
--- linux-2.6.21-rc5.orig/drivers/serial/serial_core.c
+++ linux-2.6.21-rc5/drivers/serial/serial_core.c
@@ -1665,7 +1665,7 @@ static int uart_line_info(char *buf, str
unsigned int status;
int mmio, ret;
- if (!port)
+ if (!port || !port->info)
return 0;
mmio = port->iotype >= UPIO_MEM;
next prev parent reply other threads:[~2007-04-18 8:24 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-04-17 2:15 [PATCH][BUG] Fix possible NULL pointer access in 8250 serial driver izumi
2007-04-17 5:52 ` Andrew Morton
2007-04-18 8:21 ` Kenji Kaneshige [this message]
2007-04-18 16:16 ` Andrew Morton
2007-04-18 19:18 ` Russell King
2007-04-19 2:28 ` izumi
2007-04-19 5:08 ` Andrew Morton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1176884513.3945.54.camel@kane-linux \
--to=kaneshige.kenji@jp.fujitsu.com \
--cc=akpm@linux-foundation.org \
--cc=izumi2005@soft.fujitsu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-serial@vger.kernel.org \
--cc=rmk@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).