| Message ID | 20240229093756.129324-1-rand.sec96@gmail.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series | ssb: Fix potential NULL pointer dereference in ssb_device_uevent | expand |
Rand Deeb <rand.sec96@gmail.com> wrote: > The ssb_device_uevent function first attempts to convert the 'dev' pointer > to 'struct ssb_device *'. However, it mistakenly dereferences 'dev' before > performing the NULL check, potentially leading to a NULL pointer > dereference if 'dev' is NULL. > > To fix this issue, this patch moves the NULL check before dereferencing the > 'dev' pointer, ensuring that the pointer is valid before attempting to use > it. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > Signed-off-by: Rand Deeb <rand.sec96@gmail.com> > Acked-by: Michael Büsch <m@bues.ch> Failed to apply: error: sha1 information is lacking or useless (drivers/ssb/main.c). error: could not build fake ancestor hint: Use 'git am --show-current-patch=diff' to see the failed patch Applying: ssb: Fix potential NULL pointer dereference in ssb_device_uevent Patch failed at 0001 ssb: Fix potential NULL pointer dereference in ssb_device_uevent Patch set to Changes Requested.
Rand Deeb <rand.sec96@gmail.com> writes: > Hi Kalle, > > It seems there's been a mix-up in applying the patch. The previous patch > was intended for the linux-5.10.y branch, not the master branch. I > appreciate your attention to detail. > > The following patch has been tailored for the master branch and should > resolve the issue properly. Thank you for your understanding. This text should be below '---' line so that it's not included to the git history and you should restore the original commit message. Please submit v3 with the correct commit message and please also read the wiki link below.
diff --git a/drivers/ssb/main.c b/drivers/ssb/main.c index 9e54bc7eec66..74f549557a01 100644 --- a/drivers/ssb/main.c +++ b/drivers/ssb/main.c @@ -340,11 +340,13 @@ static int ssb_bus_match(struct device *dev, struct device_driver *drv) static int ssb_device_uevent(struct device *dev, struct kobj_uevent_env *env) { - struct ssb_device *ssb_dev = dev_to_ssb_dev(dev); + struct ssb_device *ssb_dev; if (!dev) return -ENODEV; + ssb_dev = dev_to_ssb_dev(dev); + return add_uevent_var(env, "MODALIAS=ssb:v%04Xid%04Xrev%02X", ssb_dev->id.vendor, ssb_dev->id.coreid,
The ssb_device_uevent function first attempts to convert the 'dev' pointer to 'struct ssb_device *'. However, it mistakenly dereferences 'dev' before performing the NULL check, potentially leading to a NULL pointer dereference if 'dev' is NULL. To fix this issue, this patch moves the NULL check before dereferencing the 'dev' pointer, ensuring that the pointer is valid before attempting to use it. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Rand Deeb <rand.sec96@gmail.com> --- drivers/ssb/main.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)