From mboxrd@z Thu Jan 1 00:00:00 1970 From: Helmut Raiger Date: Thu, 07 Jul 2011 08:12:04 +0200 Subject: [U-Boot] [PATCH 1/2] net/eth.c: make eth_get_dev_by_name(NULL) safe In-Reply-To: <201107061538.45781.vapier@gentoo.org> References: <4E118AD9.9000200@hale.at> <201107042344.55693.vapier@gentoo.org> <4E140B7C.7090802@hale.at> <201107061538.45781.vapier@gentoo.org> Message-ID: <4E154E34.3090800@hale.at> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On 07/06/2011 09:38 PM, Mike Frysinger wrote: > On Wednesday, July 06, 2011 03:15:08 Helmut Raiger wrote: >> On 07/05/2011 05:44 AM, Mike Frysinger wrote: >>> On Monday, July 04, 2011 06:29:51 helmut.raiger at hale.at wrote: >>>> eth_get_dev_by_name() is not safe to use for devname being NULL >>>> as it uses strcmp. This patch makes it return NULL if devname NULL >>>> is passed. >>> i'm not sure about this. passing NULL is wrong, and the caller should >>> catch that shouldnt it ? >> So what is your suggestion how to deal with it? > in what situation is eth_get_dev_by_name(NULL) being called ? my suggestion > would be to fix that call point since it's doing something wrong. > -mike I couldn't find a situation where this might be the case. But as Luca Ceresoli pointed out in his e-mail, somewhere up the thread, that he tested for devname being NULL in his miiphy_read and write routines, I checked eth_get_dev_by_name() and found that it is vulnerable to passing a NULL pointer, hence the fix. Is there something missing for the patch to be acknowledged? It's hanging there quite a while now? Helmut -- Scanned by MailScanner.