Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752167AbdFUV4z (ORCPT ); Wed, 21 Jun 2017 17:56:55 -0400 Received: from shards.monkeyblade.net ([184.105.139.130]:47150 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751994AbdFUV4y (ORCPT ); Wed, 21 Jun 2017 17:56:54 -0400 Date: Wed, 21 Jun 2017 17:56:51 -0400 (EDT) Message-Id: <20170621.175651.854625612625047729.davem@davemloft.net> To: michael.j.dilmore@gmail.com Cc: jay.vosburgh@canonical.com, vfalico@gmail.com, andy@greyhouse.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, joe@perches.com Subject: Re: [PATCH] Convert BUG_ON to WARN_ON in bond_options.c From: David Miller In-Reply-To: References: <20170621.173655.1945994342723484710.davem@davemloft.net> X-Mailer: Mew version 6.7 on Emacs 25.2 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Wed, 21 Jun 2017 14:15:09 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 543 Lines: 15 From: Michael D Date: Wed, 21 Jun 2017 22:41:07 +0100 > I don't think you can stop it being dereferenced... you just need to > prevent an attacker from exploiting the null pointer dereference > vulnerability right? And this is done by returning the function right > away? What's all of this about an "attacker"? If there is a bug, we dererence a NULL pointer, and we should fix that bug. The BUG_ON() helps us see where the problem is while at the same time stopping the kernel before the NULL deref happens.