From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Alan Stern <stern@rowland.harvard.edu>
Cc: Valery Zabrovsky <valthebrewer@yandex.ru>,
Guo Zhengkui <guozhengkui@vivo.com>,
Aaro Koskinen <aaro.koskinen@iki.fi>,
Mian Yousaf Kaukab <yousaf.kaukab@intel.com>,
Felipe Balbi <balbi@ti.com>,
Alexey Khoroshilov <khoroshilov@ispras.ru>,
linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org,
lvc-project@linuxtesting.org
Subject: Re: [PATCH] usb: gadget: net2280: fix NULL pointer dereference
Date: Thu, 16 Mar 2023 20:05:38 +0100 [thread overview]
Message-ID: <ZBNogj/To3j5OiQK@kroah.com> (raw)
In-Reply-To: <2be27aee-1a2d-4c5c-bb62-018e1340d2ad@rowland.harvard.edu>
On Thu, Mar 16, 2023 at 02:22:35PM -0400, Alan Stern wrote:
> On Thu, Mar 16, 2023 at 05:19:35PM +0100, Greg Kroah-Hartman wrote:
> > On Thu, Mar 16, 2023 at 06:53:55PM +0300, Valery Zabrovsky wrote:
> > > In net2280_free_request():
> > > If _ep is NULL, then ep is NULL and is dereferenced
> > > while trying to produce an error message.
> >
> > How can that ever happen? How did you test and hit this?
> >
> > > The patch replaces dev_err() with pr_err() which works fine.
> >
> > That's not a good idea for driver code to use, sorry.
> >
> > > Found by Linux Verification Center (linuxtesting.org) with SVACE.
> >
> > As I have said before, your testing framework needs a lot more work.
> >
> > good luck!
>
> In situations like this, it might be better to remove the check
> entirely. If a driver does pass a NULL pointer, it will lead to an
> invalid pointer dereference which will certainly cause an oops and might
> very well crash the system. That would be a lot more noticeable than an
> error message hidden in a kernel log!
>
> Greg, is there any general policy about the need for sanity checks such
> as this one? Like, don't put them in whenever a failure would lead
> to an immediate fault which would be easy to track down?
That's the policy, no need to check if a caller is abusing the code and
will find out instantly. Otherwise we end up checking on every
function, and that way lies madness.
thanks,
greg k-h
prev parent reply other threads:[~2023-03-16 19:06 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-16 15:53 [PATCH] usb: gadget: net2280: fix NULL pointer dereference Valery Zabrovsky
2023-03-16 16:19 ` Greg Kroah-Hartman
2023-03-16 18:22 ` Alan Stern
2023-03-16 19:05 ` Greg Kroah-Hartman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZBNogj/To3j5OiQK@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=aaro.koskinen@iki.fi \
--cc=balbi@ti.com \
--cc=guozhengkui@vivo.com \
--cc=khoroshilov@ispras.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=lvc-project@linuxtesting.org \
--cc=stern@rowland.harvard.edu \
--cc=valthebrewer@yandex.ru \
--cc=yousaf.kaukab@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox