| Message ID | 1400190998-28153-1-git-send-email-rickard_strandqvist@spectrumdigital.se (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Thu, May 15, 2014 at 5:56 PM, Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> wrote: > There is otherwise a risk of a possible null pointer dereference. > > Was largely found by using a static code analysis program called cppcheck. > > Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> > --- > net/sunrpc/auth.c | 10 +++++++--- > 1 fil ändrad, 7 tillägg(+), 3 borttagningar(-) > > diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c > index 5285ead..3a55698 100644 > --- a/net/sunrpc/auth.c > +++ b/net/sunrpc/auth.c > @@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task) > { > struct rpc_cred *cred = task->tk_rqstp->rq_cred; > > - dprintk("RPC: %5u invalidating %s cred %p\n", > - task->tk_pid, cred->cr_auth->au_ops->au_name, cred); > - if (cred) > + if (cred) { > + dprintk("RPC: %5u invalidating %s cred %p\n", > + task->tk_pid, cred->cr_auth->au_ops->au_name, cred); > + > clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); > + } > + else > + dprintk("RPC: %5u invalidating is NULL\n", task->tk_pid); > } > > Can you please explain how we can get to rpcauth_invalcred() without a valid cred pointer? I'm not seeing it... Cheers Trond -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Hi I do not know, I'm not an expert on this code. But since there before was a if (cred) someone must have thought this could happen. Best regards Rickard Strandqvist 2014-05-16 0:07 GMT+02:00 Trond Myklebust <trond.myklebust@primarydata.com>: > On Thu, May 15, 2014 at 5:56 PM, Rickard Strandqvist > <rickard_strandqvist@spectrumdigital.se> wrote: >> There is otherwise a risk of a possible null pointer dereference. >> >> Was largely found by using a static code analysis program called cppcheck. >> >> Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> >> --- >> net/sunrpc/auth.c | 10 +++++++--- >> 1 fil ändrad, 7 tillägg(+), 3 borttagningar(-) >> >> diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c >> index 5285ead..3a55698 100644 >> --- a/net/sunrpc/auth.c >> +++ b/net/sunrpc/auth.c >> @@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task) >> { >> struct rpc_cred *cred = task->tk_rqstp->rq_cred; >> >> - dprintk("RPC: %5u invalidating %s cred %p\n", >> - task->tk_pid, cred->cr_auth->au_ops->au_name, cred); >> - if (cred) >> + if (cred) { >> + dprintk("RPC: %5u invalidating %s cred %p\n", >> + task->tk_pid, cred->cr_auth->au_ops->au_name, cred); >> + >> clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); >> + } >> + else >> + dprintk("RPC: %5u invalidating is NULL\n", task->tk_pid); >> } >> >> > > Can you please explain how we can get to rpcauth_invalcred() without a > valid cred pointer? I'm not seeing it... > > Cheers > Trond -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Hello. On 16-05-2014 1:56, Rickard Strandqvist wrote: > There is otherwise a risk of a possible null pointer dereference. > Was largely found by using a static code analysis program called cppcheck. > Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> > --- > net/sunrpc/auth.c | 10 +++++++--- > 1 fil ändrad, 7 tillägg(+), 3 borttagningar(-) > diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c > index 5285ead..3a55698 100644 > --- a/net/sunrpc/auth.c > +++ b/net/sunrpc/auth.c > @@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task) > { > struct rpc_cred *cred = task->tk_rqstp->rq_cred; > > - dprintk("RPC: %5u invalidating %s cred %p\n", > - task->tk_pid, cred->cr_auth->au_ops->au_name, cred); > - if (cred) > + if (cred) { > + dprintk("RPC: %5u invalidating %s cred %p\n", > + task->tk_pid, cred->cr_auth->au_ops->au_name, cred); > + > clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); > + } > + else } and *else* should be on the same line, and there should be {} in the *else* arm since there's {} in the *if* arm already, according to Documentation/CodingStyle. > + dprintk("RPC: %5u invalidating is NULL\n", task->tk_pid); That's not a proper English, I'm afraid. > } WBR, Sergei -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c index 5285ead..3a55698 100644 --- a/net/sunrpc/auth.c +++ b/net/sunrpc/auth.c @@ -801,10 +801,14 @@ rpcauth_invalcred(struct rpc_task *task) { struct rpc_cred *cred = task->tk_rqstp->rq_cred; - dprintk("RPC: %5u invalidating %s cred %p\n", - task->tk_pid, cred->cr_auth->au_ops->au_name, cred); - if (cred) + if (cred) { + dprintk("RPC: %5u invalidating %s cred %p\n", + task->tk_pid, cred->cr_auth->au_ops->au_name, cred); + clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); + } + else + dprintk("RPC: %5u invalidating is NULL\n", task->tk_pid); } int
There is otherwise a risk of a possible null pointer dereference. Was largely found by using a static code analysis program called cppcheck. Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> --- net/sunrpc/auth.c | 10 +++++++--- 1 fil ändrad, 7 tillägg(+), 3 borttagningar(-)