iphase: Adding a null pointer check

Message ID	20231107123600.14529-1-shum.sdl@nppct.ru (mailing list archive)
State	Rejected
Delegated to:	Netdev Maintainers
Headers	show Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 736082FE31 for <netdev@vger.kernel.org>; Tue, 7 Nov 2023 12:36:25 +0000 (UTC) From: Andrey Shumilin <shum.sdl@nppct.ru> To: 3chas3@gmail.com Cc: Andrey Shumilin <shum.sdl@nppct.ru>, linux-atm-general@lists.sourceforge.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, lvc-project@linuxtesting.org, khoroshilov@ispras.ru, ykarpov@ispras.ru, vmerzlyakov@ispras.ru, vefanov@ispras.ru Subject: [PATCH] iphase: Adding a null pointer check Date: Tue, 7 Nov 2023 15:36:00 +0300 Message-Id: <20231107123600.14529-1-shum.sdl@nppct.ru> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	iphase: Adding a null pointer check \| expand iphase: Adding a null pointer check

Message ID

20231107123600.14529-1-shum.sdl@nppct.ru (mailing list archive)

State

Rejected

Delegated to:

Netdev Maintainers

Headers

From: Andrey Shumilin <shum.sdl@nppct.ru>
To: 3chas3@gmail.com
Cc: Andrey Shumilin <shum.sdl@nppct.ru>,
	linux-atm-general@lists.sourceforge.net,
	netdev@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	lvc-project@linuxtesting.org,
	khoroshilov@ispras.ru,
	ykarpov@ispras.ru,
	vmerzlyakov@ispras.ru,
	vefanov@ispras.ru
Subject: [PATCH] iphase: Adding a null pointer check
Date: Tue,  7 Nov 2023 15:36:00 +0300
Message-Id: <20231107123600.14529-1-shum.sdl@nppct.ru>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

iphase: Adding a null pointer check | expand

Context	Check	Description
netdev/series_format	warning	Single patches do not need cover letters; Target tree name not specified in the subject
netdev/tree_selection	success	Guessed tree name to be net-next
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	success	Errors and warnings before: 1413 this patch: 1413
netdev/cc_maintainers	success	CCed 3 of 3 maintainers
netdev/build_clang	success	Errors and warnings before: 1378 this patch: 1378
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/deprecated_api	success	None detected
netdev/check_selftest	success	No net selftest shell script
netdev/verify_fixes	success	No Fixes tag
netdev/build_allmodconfig_warn	success	Errors and warnings before: 1441 this patch: 1441
netdev/checkpatch	fail	ERROR: do not use assignment in if condition WARNING: Statements should start on a tabstop WARNING: please, no spaces at the start of a line WARNING: printk() should include KERN_<LEVEL> facility level WARNING: suspect code indent for conditional statements (7, 11)
netdev/build_clang_rust	success	No Rust files in patch. Skipping build
netdev/kdoc	success	Errors and warnings before: 0 this patch: 0
netdev/source_inline	success	Was 0 now: 0

Context

Check

Description

netdev/series_format

warning

Single patches do not need cover letters; Target tree name not specified in the subject

netdev/tree_selection

success

Guessed tree name to be net-next

netdev/fixes_present

success

Fixes tag not required for -next series

netdev/header_inline

success

No static functions without inline keyword in header files

netdev/build_32bit

success

Errors and warnings before: 1413 this patch: 1413

netdev/cc_maintainers

success

CCed 3 of 3 maintainers

netdev/build_clang

success

Errors and warnings before: 1378 this patch: 1378

netdev/verify_signedoff

success

Signed-off-by tag matches author and committer

netdev/deprecated_api

success

None detected

netdev/check_selftest

success

No net selftest shell script

netdev/verify_fixes

success

No Fixes tag

netdev/build_allmodconfig_warn

success

Errors and warnings before: 1441 this patch: 1441

netdev/checkpatch

fail

ERROR: do not use assignment in if condition WARNING: Statements should start on a tabstop WARNING: please, no spaces at the start of a line WARNING: printk() should include KERN_<LEVEL> facility level WARNING: suspect code indent for conditional statements (7, 11)

netdev/build_clang_rust

success

No Rust files in patch. Skipping build

netdev/kdoc

success

Errors and warnings before: 0 this patch: 0

netdev/source_inline

success

Was 0 now: 0

Commit Message

Andrey Shumilin Nov. 7, 2023, 12:36 p.m. UTC

The pointer <dev->desc_tbl[i].iavcc> is dereferenced on line 195.
Further in the code, it is checked for null on line 204.
It is proposed to add a check before dereferencing the pointer.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Andrey Shumilin <shum.sdl@nppct.ru>
---
 drivers/atm/iphase.c | 5 +++++
 1 file changed, 5 insertions(+)

Comments

Jakub Kicinski Nov. 9, 2023, 2:40 a.m. UTC | #1

On Tue,  7 Nov 2023 15:36:00 +0300 Andrey Shumilin wrote:
> The pointer <dev->desc_tbl[i].iavcc> is dereferenced on line 195.
> Further in the code, it is checked for null on line 204.
> It is proposed to add a check before dereferencing the pointer.

How do you know this is the right way to address the problem.
Much easier to debug a crash than misbehaving driver.

This is ancient code, leave it be.

Alexey Khoroshilov Jan. 8, 2024, 5:28 p.m. UTC | #2

Proposal for subject:

atm: iphase: Move check for NULL before derefence in get_desc()


On 07.11.2023 15:36, Andrey Shumilin wrote:
> The pointer <dev->desc_tbl[i].iavcc> is dereferenced on line 195.
> Further in the code, it is checked for null on line 204.
> It is proposed to add a check before dereferencing the pointer.

Line numbers in commit messages are not welcome since they are subject
for change and a reader of the message likely has other code at that
lines in his version of the file.

> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
> Signed-off-by: Andrey Shumilin <shum.sdl@nppct.ru>
> ---
>  drivers/atm/iphase.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/drivers/atm/iphase.c b/drivers/atm/iphase.c
> index 324148686953..596422fbfacc 100644
> --- a/drivers/atm/iphase.c
> +++ b/drivers/atm/iphase.c
> @@ -192,6 +192,11 @@ static u16 get_desc (IADEV *dev, struct ia_vcc *iavcc) {
>             i++;
>             continue;
>          }
> +       if (!(iavcc_r = dev->desc_tbl[i].iavcc)) {
> +	   printk("Fatal err, desc table vcc or skb is NULL\n");
> +	   i++;
> +	   continue;
> +	}

Error message should be fixed, skb is not check for NULL here.

>          ltimeout = dev->desc_tbl[i].iavcc->ltimeout; 
>          delta = jiffies - dev->desc_tbl[i].timestamp;
>          if (delta >= ltimeout) {
> 


>           if (!dev->desc_tbl[i].txskb || !(iavcc_r =
dev->desc_tbl[i].iavcc))
>              printk("Fatal err, desc table vcc or skb is NULL\n");


The existing check should be fixed to check for skb only.

--
Alexey

diff --git a/drivers/atm/iphase.c b/drivers/atm/iphase.c
index 324148686953..596422fbfacc 100644
--- a/drivers/atm/iphase.c
+++ b/drivers/atm/iphase.c
@@ -192,6 +192,11 @@  static u16 get_desc (IADEV *dev, struct ia_vcc *iavcc) {
            i++;
            continue;
         }
+       if (!(iavcc_r = dev->desc_tbl[i].iavcc)) {
+	   printk("Fatal err, desc table vcc or skb is NULL\n");
+	   i++;
+	   continue;
+	}
         ltimeout = dev->desc_tbl[i].iavcc->ltimeout; 
         delta = jiffies - dev->desc_tbl[i].timestamp;
         if (delta >= ltimeout) {

iphase: Adding a null pointer check

Checks

Commit Message

Comments

Patch