From: Adrian Bunk <bunk@stusta.de>
To: Jesper Juhl <jesper.juhl@gmail.com>
Cc: bcollins@debian.org, dan@dennedy.org,
linux1394-devel@lists.sourceforge.net, scjody@steamballoon.com,
linux-kernel@vger.kernel.org, stable@kernel.org
Subject: Re: [2.6 patch] drivers/ieee1394/raw1394.c: fix a NULL pointer dereference
Date: Mon, 21 Nov 2005 00:54:02 +0100 [thread overview]
Message-ID: <20051120235402.GS16060@stusta.de> (raw)
In-Reply-To: <9a8748490511201545n70e0e6fftd0f1aaf748abe05@mail.gmail.com>
On Mon, Nov 21, 2005 at 12:45:14AM +0100, Jesper Juhl wrote:
> On 11/21/05, Adrian Bunk <bunk@stusta.de> wrote:
> > The coverity checker spotted that this was a NULL pointer dereference in
> > the "if (copy_from_user(...))" case.
> >
> >
> > Signed-off-by: Adrian Bunk <bunk@stusta.de>
> >
> > --- linux-2.6.15-rc1-mm2-full/drivers/ieee1394/raw1394.c.old 2005-11-20 22:08:57.000000000 +0100
> > +++ linux-2.6.15-rc1-mm2-full/drivers/ieee1394/raw1394.c 2005-11-20 22:09:34.000000000 +0100
> > @@ -2166,7 +2166,8 @@
> > }
> > }
> > }
> > - kfree(cache->filled_head);
> > + if(cache->filled_head)
> > + kfree(cache->filled_head);
> > kfree(cache);
> >
> Hmmm, kfree() deals with NULL pointers just fine, so there's no
> problem if cache->filled_head is NULL. There is, however, a NULL
> pointer deref problem if `cache' is NULL, but that's not what your
> patch checks for.
>...
OK, I was blind...
I've just sent a better patch.
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
prev parent reply other threads:[~2005-11-20 23:54 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-20 23:20 [2.6 patch] drivers/ieee1394/raw1394.c: fix a NULL pointer dereference Adrian Bunk
2005-11-20 23:33 ` Jody McIntyre
2005-11-20 23:46 ` Adrian Bunk
2005-11-20 23:54 ` Adrian Bunk
2005-11-20 23:40 ` Dave Jones
2005-11-20 23:52 ` Adrian Bunk
2005-11-21 19:13 ` Stefan Richter
2005-11-21 18:56 ` Ben Collins
2005-11-21 21:52 ` Jody McIntyre
2005-11-21 22:09 ` Stefan Richter
2005-11-21 22:32 ` Jody McIntyre
2005-11-21 21:55 ` Jody McIntyre
2005-11-20 23:45 ` Jesper Juhl
2005-11-20 23:54 ` Adrian Bunk [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20051120235402.GS16060@stusta.de \
--to=bunk@stusta.de \
--cc=bcollins@debian.org \
--cc=dan@dennedy.org \
--cc=jesper.juhl@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux1394-devel@lists.sourceforge.net \
--cc=scjody@steamballoon.com \
--cc=stable@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox