* [PATCH] Fix for possible null pointer dereference in auth.c
@ 2014-05-15 21:56 Rickard Strandqvist
[not found] ` <1400190998-28153-1-git-send-email-rickard_strandqvist-IW2WV5XWFqGZkjO+N0TKoMugMpMbD5Xr@public.gmane.org>
2014-05-16 12:19 ` Sergei Shtylyov
0 siblings, 2 replies; 6+ messages in thread
From: Rickard Strandqvist @ 2014-05-15 21:56 UTC (permalink / raw)
To: J. Bruce Fields, Trond Myklebust
Cc: Rickard Strandqvist, David S. Miller, linux-nfs, netdev,
linux-kernel
There is otherwise a risk of a possible null pointer dereference.
Was largely found by using a static code analysis program called cppcheck.
Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
---
net/sunrpc/auth.c | 10 +++++++---
1 fil ändrad, 7 tillägg(+), 3 borttagningar(-)
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c
index 5285ead..3a55698 100644
--- a/net/sunrpc/auth.c
+++ b/net/sunrpc/auth.c
@@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task)
{
struct rpc_cred *cred = task->tk_rqstp->rq_cred;
- dprintk("RPC: %5u invalidating %s cred %p\n",
- task->tk_pid, cred->cr_auth->au_ops->au_name, cred);
- if (cred)
+ if (cred) {
+ dprintk("RPC: %5u invalidating %s cred %p\n",
+ task->tk_pid, cred->cr_auth->au_ops->au_name, cred);
+
clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
+ }
+ else
+ dprintk("RPC: %5u invalidating is NULL\n", task->tk_pid);
}
int
--
1.7.10.4
^ permalink raw reply related [flat|nested] 6+ messages in thread[parent not found: <1400190998-28153-1-git-send-email-rickard_strandqvist-IW2WV5XWFqGZkjO+N0TKoMugMpMbD5Xr@public.gmane.org>]
* Re: [PATCH] Fix for possible null pointer dereference in auth.c [not found] ` <1400190998-28153-1-git-send-email-rickard_strandqvist-IW2WV5XWFqGZkjO+N0TKoMugMpMbD5Xr@public.gmane.org> @ 2014-05-15 22:07 ` Trond Myklebust 2014-05-15 22:10 ` Rickard Strandqvist 0 siblings, 1 reply; 6+ messages in thread From: Trond Myklebust @ 2014-05-15 22:07 UTC (permalink / raw) To: Rickard Strandqvist Cc: J. Bruce Fields, David S. Miller, linux-nfs-u79uwXL29TY76Z2rM5mHXA, netdev-u79uwXL29TY76Z2rM5mHXA, linux-kernel-u79uwXL29TY76Z2rM5mHXA On Thu, May 15, 2014 at 5:56 PM, Rickard Strandqvist <rickard_strandqvist-IW2WV5XWFqGZkjO+N0TKoMugMpMbD5Xr@public.gmane.org> wrote: > There is otherwise a risk of a possible null pointer dereference. > > Was largely found by using a static code analysis program called cppcheck. > > Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> > --- > net/sunrpc/auth.c | 10 +++++++--- > 1 fil ändrad, 7 tillägg(+), 3 borttagningar(-) > > diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c > index 5285ead..3a55698 100644 > --- a/net/sunrpc/auth.c > +++ b/net/sunrpc/auth.c > @@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task) > { > struct rpc_cred *cred = task->tk_rqstp->rq_cred; > > - dprintk("RPC: %5u invalidating %s cred %p\n", > - task->tk_pid, cred->cr_auth->au_ops->au_name, cred); > - if (cred) > + if (cred) { > + dprintk("RPC: %5u invalidating %s cred %p\n", > + task->tk_pid, cred->cr_auth->au_ops->au_name, cred); > + > clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); > + } > + else > + dprintk("RPC: %5u invalidating is NULL\n", task->tk_pid); > } > > Can you please explain how we can get to rpcauth_invalcred() without a valid cred pointer? I'm not seeing it... Cheers Trond -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org More majordomo info at http://vger.kernel.org/majordomo-info.html ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Fix for possible null pointer dereference in auth.c 2014-05-15 22:07 ` Trond Myklebust @ 2014-05-15 22:10 ` Rickard Strandqvist 0 siblings, 0 replies; 6+ messages in thread From: Rickard Strandqvist @ 2014-05-15 22:10 UTC (permalink / raw) To: Trond Myklebust Cc: J. Bruce Fields, David S. Miller, linux-nfs, netdev, linux-kernel Hi I do not know, I'm not an expert on this code. But since there before was a if (cred) someone must have thought this could happen. Best regards Rickard Strandqvist 2014-05-16 0:07 GMT+02:00 Trond Myklebust <trond.myklebust@primarydata.com>: > On Thu, May 15, 2014 at 5:56 PM, Rickard Strandqvist > <rickard_strandqvist@spectrumdigital.se> wrote: >> There is otherwise a risk of a possible null pointer dereference. >> >> Was largely found by using a static code analysis program called cppcheck. >> >> Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> >> --- >> net/sunrpc/auth.c | 10 +++++++--- >> 1 fil ändrad, 7 tillägg(+), 3 borttagningar(-) >> >> diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c >> index 5285ead..3a55698 100644 >> --- a/net/sunrpc/auth.c >> +++ b/net/sunrpc/auth.c >> @@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task) >> { >> struct rpc_cred *cred = task->tk_rqstp->rq_cred; >> >> - dprintk("RPC: %5u invalidating %s cred %p\n", >> - task->tk_pid, cred->cr_auth->au_ops->au_name, cred); >> - if (cred) >> + if (cred) { >> + dprintk("RPC: %5u invalidating %s cred %p\n", >> + task->tk_pid, cred->cr_auth->au_ops->au_name, cred); >> + >> clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); >> + } >> + else >> + dprintk("RPC: %5u invalidating is NULL\n", task->tk_pid); >> } >> >> > > Can you please explain how we can get to rpcauth_invalcred() without a > valid cred pointer? I'm not seeing it... > > Cheers > Trond ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Fix for possible null pointer dereference in auth.c 2014-05-15 21:56 [PATCH] Fix for possible null pointer dereference in auth.c Rickard Strandqvist [not found] ` <1400190998-28153-1-git-send-email-rickard_strandqvist-IW2WV5XWFqGZkjO+N0TKoMugMpMbD5Xr@public.gmane.org> @ 2014-05-16 12:19 ` Sergei Shtylyov 2014-05-17 16:36 ` Rickard Strandqvist 1 sibling, 1 reply; 6+ messages in thread From: Sergei Shtylyov @ 2014-05-16 12:19 UTC (permalink / raw) To: Rickard Strandqvist, J. Bruce Fields, Trond Myklebust Cc: David S. Miller, linux-nfs, netdev, linux-kernel Hello. On 16-05-2014 1:56, Rickard Strandqvist wrote: > There is otherwise a risk of a possible null pointer dereference. > Was largely found by using a static code analysis program called cppcheck. > Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> > --- > net/sunrpc/auth.c | 10 +++++++--- > 1 fil ändrad, 7 tillägg(+), 3 borttagningar(-) > diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c > index 5285ead..3a55698 100644 > --- a/net/sunrpc/auth.c > +++ b/net/sunrpc/auth.c > @@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task) > { > struct rpc_cred *cred = task->tk_rqstp->rq_cred; > > - dprintk("RPC: %5u invalidating %s cred %p\n", > - task->tk_pid, cred->cr_auth->au_ops->au_name, cred); > - if (cred) > + if (cred) { > + dprintk("RPC: %5u invalidating %s cred %p\n", > + task->tk_pid, cred->cr_auth->au_ops->au_name, cred); > + > clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); > + } > + else } and *else* should be on the same line, and there should be {} in the *else* arm since there's {} in the *if* arm already, according to Documentation/CodingStyle. > + dprintk("RPC: %5u invalidating is NULL\n", task->tk_pid); That's not a proper English, I'm afraid. > } WBR, Sergei ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Fix for possible null pointer dereference in auth.c 2014-05-16 12:19 ` Sergei Shtylyov @ 2014-05-17 16:36 ` Rickard Strandqvist [not found] ` <CAFo99gatLzLpOu92N23bMQ=a25BTnK3QK2rAzoQJcU3oxMuMgA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 0 siblings, 1 reply; 6+ messages in thread From: Rickard Strandqvist @ 2014-05-17 16:36 UTC (permalink / raw) To: Sergei Shtylyov Cc: J. Bruce Fields, Trond Myklebust, David S. Miller, linux-nfs, netdev, linux-kernel [-- Attachment #1: Type: text/plain, Size: 1734 bytes --] Hi I have made a new patch according Sergei specification. But there remains Tronds question though. Best regards Rickard Strandqvist 2014-05-16 14:19 GMT+02:00 Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>: > Hello. > > > On 16-05-2014 1:56, Rickard Strandqvist wrote: > >> There is otherwise a risk of a possible null pointer dereference. > > >> Was largely found by using a static code analysis program called cppcheck. > > >> Signed-off-by: Rickard Strandqvist >> <rickard_strandqvist@spectrumdigital.se> >> --- >> net/sunrpc/auth.c | 10 +++++++--- >> 1 fil ändrad, 7 tillägg(+), 3 borttagningar(-) > > >> diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c >> index 5285ead..3a55698 100644 >> --- a/net/sunrpc/auth.c >> +++ b/net/sunrpc/auth.c >> @@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task) >> { >> struct rpc_cred *cred = task->tk_rqstp->rq_cred; >> >> - dprintk("RPC: %5u invalidating %s cred %p\n", >> - task->tk_pid, cred->cr_auth->au_ops->au_name, cred); >> - if (cred) >> + if (cred) { >> + dprintk("RPC: %5u invalidating %s cred %p\n", >> + task->tk_pid, cred->cr_auth->au_ops->au_name, >> cred); >> + >> clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); >> + } >> + else > > > } and *else* should be on the same line, and there should be {} in the > *else* arm since there's {} in the *if* arm already, according to > Documentation/CodingStyle. > > >> + dprintk("RPC: %5u invalidating is NULL\n", task->tk_pid); > > > That's not a proper English, I'm afraid. > >> } > > > WBR, Sergei > > [-- Attachment #2: 0001-Fix-for-possible-null-pointer-dereferenc.patch --] [-- Type: text/x-patch, Size: 1202 bytes --] From 210994905f7f7b13f6c621f110699f28fd134980 Mon Sep 17 00:00:00 2001 From: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> Date: Sun, 11 May 2014 18:51:42 +0200 Subject: [PATCH] net: sunrpc: auth.c: Fix for possible null pointer dereference There is otherwise a risk of a possible null pointer dereference. Was largely found by using a static code analysis program called cppcheck. Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> --- net/sunrpc/auth.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c index 5285ead..a9e1866 100644 --- a/net/sunrpc/auth.c +++ b/net/sunrpc/auth.c @@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task) { struct rpc_cred *cred = task->tk_rqstp->rq_cred; - dprintk("RPC: %5u invalidating %s cred %p\n", - task->tk_pid, cred->cr_auth->au_ops->au_name, cred); - if (cred) + if (cred) { + dprintk("RPC: %5u invalidating %s cred %p\n", + task->tk_pid, cred->cr_auth->au_ops->au_name, cred); + clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); + } else { + dprintk("RPC: %5u cred pointer is 0", task->tk_pid); + } } int -- 1.7.10.4 ^ permalink raw reply related [flat|nested] 6+ messages in thread
[parent not found: <CAFo99gatLzLpOu92N23bMQ=a25BTnK3QK2rAzoQJcU3oxMuMgA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>]
* Re: [PATCH] Fix for possible null pointer dereference in auth.c [not found] ` <CAFo99gatLzLpOu92N23bMQ=a25BTnK3QK2rAzoQJcU3oxMuMgA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> @ 2014-05-17 17:17 ` Trond Myklebust 0 siblings, 0 replies; 6+ messages in thread From: Trond Myklebust @ 2014-05-17 17:17 UTC (permalink / raw) To: Rickard Strandqvist Cc: Sergei Shtylyov, J. Bruce Fields, David S. Miller, Linux NFS Mailing List, netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Linux Kernel mailing list On Sat, May 17, 2014 at 12:36 PM, Rickard Strandqvist <rickard_strandqvist-IW2WV5XWFqGZkjO+N0TKoMugMpMbD5Xr@public.gmane.org> wrote: > Hi > > I have made a new patch according Sergei specification. > I'll be happy to apply this patch once someone explains to me why we can't just remove that check for cred != NULL, however I'm not applying a patch purely in order to silence a warning from cppcheck. Cheers, Trond > But there remains Tronds question though. > > Best regards > Rickard Strandqvist > > > 2014-05-16 14:19 GMT+02:00 Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>: >> Hello. >> >> >> On 16-05-2014 1:56, Rickard Strandqvist wrote: >> >>> There is otherwise a risk of a possible null pointer dereference. >> >> >>> Was largely found by using a static code analysis program called cppcheck. >> >> >>> Signed-off-by: Rickard Strandqvist >>> <rickard_strandqvist-IW2WV5XWFqGZkjO+N0TKoMugMpMbD5Xr@public.gmane.org> >>> --- >>> net/sunrpc/auth.c | 10 +++++++--- >>> 1 fil ändrad, 7 tillägg(+), 3 borttagningar(-) >> >> >>> diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c >>> index 5285ead..3a55698 100644 >>> --- a/net/sunrpc/auth.c >>> +++ b/net/sunrpc/auth.c >>> @@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task) >>> { >>> struct rpc_cred *cred = task->tk_rqstp->rq_cred; >>> >>> - dprintk("RPC: %5u invalidating %s cred %p\n", >>> - task->tk_pid, cred->cr_auth->au_ops->au_name, cred); >>> - if (cred) >>> + if (cred) { >>> + dprintk("RPC: %5u invalidating %s cred %p\n", >>> + task->tk_pid, cred->cr_auth->au_ops->au_name, >>> cred); >>> + >>> clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); >>> + } >>> + else >> >> >> } and *else* should be on the same line, and there should be {} in the >> *else* arm since there's {} in the *if* arm already, according to >> Documentation/CodingStyle. >> >> >>> + dprintk("RPC: %5u invalidating is NULL\n", task->tk_pid); >> >> >> That's not a proper English, I'm afraid. >> >>> } >> >> >> WBR, Sergei >> >> -- Trond Myklebust Linux NFS client maintainer, PrimaryData trond.myklebust-7I+n7zu2hftEKMMhf/gKZA@public.gmane.org -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org More majordomo info at http://vger.kernel.org/majordomo-info.html ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2014-05-17 17:17 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-05-15 21:56 [PATCH] Fix for possible null pointer dereference in auth.c Rickard Strandqvist
[not found] ` <1400190998-28153-1-git-send-email-rickard_strandqvist-IW2WV5XWFqGZkjO+N0TKoMugMpMbD5Xr@public.gmane.org>
2014-05-15 22:07 ` Trond Myklebust
2014-05-15 22:10 ` Rickard Strandqvist
2014-05-16 12:19 ` Sergei Shtylyov
2014-05-17 16:36 ` Rickard Strandqvist
[not found] ` <CAFo99gatLzLpOu92N23bMQ=a25BTnK3QK2rAzoQJcU3oxMuMgA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-05-17 17:17 ` Trond Myklebust
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).