From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CCC1D14BF97 for ; Sun, 19 Apr 2026 06:50:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776581457; cv=none; b=fkBh6NnIUUQ668gSPAaRkSuINNh6bjV+YQX09zHCV697t+dqI01P8qdfQdSwnCLAYn/EMxgWyK8tQG6Bp1Qg5Aeh4FIctAhtlSionZifJVT42nHq63xSx+7McplFmroC0sgZZufrhRbxwifJchGtUG4DyKGKC5bbLa8AKB+PmrY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776581457; c=relaxed/simple; bh=5M6FUPgMU8i7uVVqY0dLOLktPW/Hy4HggLLTp4YLP3c=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=Zh2Z2lzwKY1EG98DXcxAr60/XSj3hyNJoPV5jrLr84y/+EHHgGMcl2q2MaOuO1xb4CT0gmCd/BYCzjIqS5IR7kkuATvkfQZsxQxlUjmxJR7rCdkiGvph3ntffMrewFACyiDsMOY/j6KSMKryENzGsyBi9Ti+8ke6TZIZG2Qdgj0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=v9usi3ds; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="v9usi3ds" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 23942C2BCAF; Sun, 19 Apr 2026 06:50:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1776581457; bh=5M6FUPgMU8i7uVVqY0dLOLktPW/Hy4HggLLTp4YLP3c=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=v9usi3dsrO/wKUwQShUQ/SBMqC16rMPbTYABV+P0WOKAa/P1v/RnxwRFMzUHLGyz8 iolgXvIK89r876MRvl39RJjNNJrEIniuu+HOeGgAzqV02aRcA2ubdfIITIhcVLQngr lBoYUuyA+a/lCjIPOKRw3/hHfV3WVLXVlq+pAnUk= Date: Sun, 19 Apr 2026 08:50:55 +0200 From: Greg Kroah-Hartman To: Joe Simmons-Talbott Cc: Dave Penkler , linux-kernel@vger.kernel.org Subject: Re: [PATCH] gpib: agilent_82357a: don't check a NULL serial string Message-ID: <2026041946-handwash-motion-829a@gregkh> References: <20260326131256.1758014-1-joest@redhat.com> <20260416114852.GA15912@oak> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260416114852.GA15912@oak> On Thu, Apr 16, 2026 at 07:49:12AM -0400, Joe Simmons-Talbott wrote: > On Fri, Mar 27, 2026 at 11:38:49AM +0100, Dave Penkler wrote: > > On Thu, Mar 26, 2026 at 09:12:56AM -0400, Joe Simmons-Talbott wrote: > > > The agilent_82357a driver uses the USB device serial string for device > > > matching but does not verify that the string exists before passing it > > > to strcmp(). > > > > > > Verify that the device has a serial number before accessing it to avoid > > > triggering a NULL-pointer dereference with devices that don't provide > > > a serial number (iSerialNumber = 0). > > > > > > Similar to commit aa79f996eb41 ("i2c: cp2615: fix serial string > > > NULL-deref at probe"). > > > > > > Found by Claude:sonnet-4.5 > > > > > > Signed-off-by: Joe Simmons-Talbott > > > --- > > > drivers/gpib/agilent_82357a/agilent_82357a.c | 2 +- > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > diff --git a/drivers/gpib/agilent_82357a/agilent_82357a.c b/drivers/gpib/agilent_82357a/agilent_82357a.c > > > index e1349afbf933..da046ea40f11 100644 > > > --- a/drivers/gpib/agilent_82357a/agilent_82357a.c > > > +++ b/drivers/gpib/agilent_82357a/agilent_82357a.c > > > @@ -1298,7 +1298,7 @@ static inline int agilent_82357a_device_match(struct usb_interface *interface, > > > if (gpib_match_device_path(&interface->dev, config->device_path) == 0) > > > return 0; > > > if (config->serial_number && > > > - strcmp(usbdev->serial, config->serial_number) != 0) > > > + (!usbdev->serial || strcmp(usbdev->serial, config->serial_number) != 0)) > > > return 0; > > > > > > return 1; > > > -- > > > 2.53.0 > > > > > Acked-by: Dave Penkler > > > > +Greg > > Hi Greg, > > Sorry I neglected to include you on the original patch submission. Are > you able to either take this patch or point me to the proper person? I can take it after -rc1 is out, thanks. greg k-h