Re: [PATCH v3 1/9] driver core: class: Fix wild pointer dereferences in API class_dev_iter_next()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2024/12/16 23:36, Jonathan Cameron wrote:
>> Actually, all callers of these APIs have such usage pattern in kernel tree.
>> Fix by:
>> - Initialize output parameter @iter by memset() in class_dev_iter_init()
>>   and give callers prompt by pr_crit() for the error.
>> - Check if @iter is valid in class_dev_iter_next().
>>
>> Fixes: 7b884b7f24b4 ("driver core: class.c: convert to only use class_to_subsys")
>> Signed-off-by: Zijun Hu <quic_zijuhu@xxxxxxxxxxx>
> This looks fine in general, but over to the core device model folk for which
> element they think should be used as the sentinel and whether zeroing the
> whole thing makes sense or just the one being used as a flag, or even setting
> it to an error pointer.

thank you Jonathan for code review.

i actually ever thought about below change and finally dropped it.

-       if (!sp)
+       if (!sp) {
+               iter->sp = NULL;
                return;
+       }


For such APIs, they return void, and does not any output parameter to
feedback operation results.
it may be good practice to always reset its output parameters firstly.




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]     [Monitors]

  Powered by Linux