On Sun, Jan 23, 2022 at 9:48 PM Pavel Skripkin <paskripkin@xxxxxxxxx> wrote: > > Hi Dongliang, > > On 1/22/22 09:45, Dongliang Mu wrote: > [...] > > >> Yeah, it seems like (at least based on code), that this dangling pointer > >> is not dangerous, since nothing accesses it. And next_siblings > >> _guaranteed_ to be NULL, since dev->next_siblings is set NULL in > >> disconnect() > > > > Yes, you're right. As a security researcher, I am sensitive to such > > dangling pointers. > > > > As its nullifying site is across functions, I suggest developers > > remove this dangling pointer in case that any newly added code in this > > function or before the nullifying location would touch next_siblings. > > > > Based on git blame this driver is very old (was added in 2012), so, I > guess, nothing really new will come up. > > Anyway, I am absolutely not a security person and if you think, that > this dangling pointer can be somehow used in exploitation you should > state it in commit message. > > > > If Pavel and others think it's fine, then it's time to close this patch. > > > > I don't have any big objections on the code itself. Maybe only 'if' can > be removed to just speed up the code, but I don't see why this change is > needed :) OK, let's move on. Leave alone this patch. > > > > > With regards, > Pavel Skripkin
