Message ID | 20230113133320.7531-1-abelova@astralinux.ru (mailing list archive) |
---|---|
State | Rejected |
Headers | show |
Series | iio: chemical: scd30: Add check for NULL in scd30_i2c_command | expand |
On Fri, Jan 13, 2023 at 3:33 PM Anastasia Belova <abelova@astralinux.ru> wrote: > > Check rsp for NULL-pointer before dereferencing. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. NAK.
On 13.01.2023 16:33, Anastasia Belova wrote: > Check rsp for NULL-pointer before dereferencing. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > Fixes: e510190e0139 ("iio: chemical: scd30: add I2C interface driver") > Signed-off-by: Anastasia Belova <abelova@astralinux.ru> > --- > drivers/iio/chemical/scd30_i2c.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/drivers/iio/chemical/scd30_i2c.c b/drivers/iio/chemical/scd30_i2c.c > index bae479a4721f..84baf67fc0ce 100644 > --- a/drivers/iio/chemical/scd30_i2c.c > +++ b/drivers/iio/chemical/scd30_i2c.c > @@ -101,8 +101,10 @@ static int scd30_i2c_command(struct scd30_state *state, enum scd30_cmd cmd, u16 > return -EIO; > } > > - *rsp++ = buf[i]; > - *rsp++ = buf[i + 1]; > + if (rsp) { > + *rsp++ = buf[i]; > + *rsp++ = buf[i + 1]; > + } > } > > return 0; > It seems it is better to put the whole validation loop under if (rsp) check. -- Alexey
On Fri, Jan 13, 2023 at 8:41 PM Alexey Khoroshilov <khoroshilov@ispras.ru> wrote: > On 13.01.2023 16:33, Anastasia Belova wrote: > It seems it is better to put the whole validation loop under if (rsp) > check. No. The entire patch is redundant. The code that calls this function is under the control of the same driver, so we know how to avoid shooting in our foot.
On 13.01.2023 21:47, Andy Shevchenko wrote: > On Fri, Jan 13, 2023 at 8:41 PM Alexey Khoroshilov > <khoroshilov@ispras.ru> wrote: >> On 13.01.2023 16:33, Anastasia Belova wrote: > >> It seems it is better to put the whole validation loop under if (rsp) >> check. > > No. The entire patch is redundant. > The code that calls this function is under the control of the same > driver, so we know how to avoid shooting in our foot. I see, there is an assumption that response is NULL iff size is zero. May be it could be documented, because naming of arguments does not make such assumption obvious for fresh readers. -- Thank you, Alexey
On Fri, Jan 13, 2023 at 9:27 PM Alexey Khoroshilov <khoroshilov@ispras.ru> wrote: > On 13.01.2023 21:47, Andy Shevchenko wrote: > > On Fri, Jan 13, 2023 at 8:41 PM Alexey Khoroshilov > > <khoroshilov@ispras.ru> wrote: > >> On 13.01.2023 16:33, Anastasia Belova wrote: > > > >> It seems it is better to put the whole validation loop under if (rsp) > >> check. > > > > No. The entire patch is redundant. > > The code that calls this function is under the control of the same > > driver, so we know how to avoid shooting in our foot. > > I see, there is an assumption that response is NULL iff size is zero. Yes. ->read() is called with (NULL, 0) and the code copes with this. A similar situation was discussed recently and Linus T. rejected a proposed change in vsnprintf(). > May be it could be documented, because naming of arguments does not make > such assumption obvious for fresh readers. Documentation improvements are always appreciated!
diff --git a/drivers/iio/chemical/scd30_i2c.c b/drivers/iio/chemical/scd30_i2c.c index bae479a4721f..84baf67fc0ce 100644 --- a/drivers/iio/chemical/scd30_i2c.c +++ b/drivers/iio/chemical/scd30_i2c.c @@ -101,8 +101,10 @@ static int scd30_i2c_command(struct scd30_state *state, enum scd30_cmd cmd, u16 return -EIO; } - *rsp++ = buf[i]; - *rsp++ = buf[i + 1]; + if (rsp) { + *rsp++ = buf[i]; + *rsp++ = buf[i + 1]; + } } return 0;
Check rsp for NULL-pointer before dereferencing. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: e510190e0139 ("iio: chemical: scd30: add I2C interface driver") Signed-off-by: Anastasia Belova <abelova@astralinux.ru> --- drivers/iio/chemical/scd30_i2c.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)