Date: Tue, 21 May 2019 12:00:19 +0800
From: Gen Zhang
To: Nicolas Pitre
Cc: linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] vt: Fix a missing-check bug in drivers/tty/vt/vt.c
Message-ID: <20190521040019.GD5263@zhanggen-UX430UQ>

On Mon, May 20, 2019 at 11:26:20PM -0400, Nicolas Pitre wrote:
> On Tue, 21 May 2019, Gen Zhang wrote:
>
> > On Mon, May 20, 2019 at 10:55:40PM -0400, Nicolas Pitre wrote:
> > > On Tue, 21 May 2019, Gen Zhang wrote:
> > >
> > > > In function con_init(), the pointer variable vc_cons[currcons].d, vc and
> > > > vc->vc_screenbuf is allocated a memory space via kzalloc(). And they are
> > > > used in the following codes.
> > > > However, when there is a memory allocation error, kzalloc() can fail.
> > > > Thus null pointer (vc_cons[currcons].d, vc and vc->vc_screenbuf)
> > > > dereference may happen. And it will cause the kernel to crash. Therefore,
> > > > we should check return value and handle the error.
> > > > Further, the loop condition MIN_NR_CONSOLES is defined as 1 in
> > > > include/uapi/linux/vt.h. So there is no need to unwind the loop.
> > >
> > > But what if someone changes that define? It won't be obvious that some
> > > code did rely on it to be defined to 1.
> > I re-examine the source code. MIN_NR_CONSOLES is only defined once and
> > no other changes to it.
>
> Yes, that is true today. But if someone changes that in the future, how
> will that person know that you relied on it to be 1 for not needing to
> unwind the loop?
>
>
> Nicolas

Hi Nicolas,
Thanks for your explanation! And I got your point. And is this way proper?

err_vc_screenbuf:
	kfree(vc);
	for (currcons = 0; currcons < MIN_NR_CONSOLES; currcons++)
		vc_cons[currcons].d = NULL;
	return -ENOMEM;
err_vc:
	console_unlock();
	return -ENOMEM;

Thanks
Gen
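
The loop unwind Nicolas asks about, as an added example that is not part of this thread or of the kernel source: a user-space C model of the con_init() allocation loop whose error path frees every slot built so far and releases the lock, so it stays correct when the console count is larger than 1. NR_CONS, model_zalloc(), model_free(), model_con_init(), fail_at and lock_held are hypothetical stand-ins, with calloc()/free() in place of kzalloc()/kfree().

```c
#include <errno.h>
#include <stdlib.h>
#define NR_CONS 3	/* stands in for MIN_NR_CONSOLES; deliberately > 1 */
struct vc { unsigned short *screenbuf; };
struct vc *cons[NR_CONS];	/* stands in for vc_cons[i].d */
int lock_held;	/* stands in for console_lock()/console_unlock() */
int fail_at = -1;	/* fault injection: index of the allocation that fails */
int nalloc, live;	/* allocations attempted / still outstanding */
static void *model_zalloc(size_t n)	/* kzalloc() stand-in (assumption) */
{
	void *p = (nalloc++ == fail_at) ? NULL : calloc(1, n);
	if (p)
		live++;
	return p;
}

static void model_free(void *p)	/* kfree() stand-in; NULL is a no-op */
{
	if (p)
		live--;
	free(p);
}

int model_con_init(void)
{
	int i;
	nalloc = 0;
	lock_held = 1;
	for (i = 0; i < NR_CONS; i++) {
		cons[i] = model_zalloc(sizeof(*cons[i]));
		if (!cons[i])
			goto unwind;
		cons[i]->screenbuf = model_zalloc(80 * 25 * 2);
		if (!cons[i]->screenbuf)
			goto unwind;
	}
	lock_held = 0;
	return 0;
unwind:	/* slot i may be half built; every slot below i is complete */
	for (; i >= 0; i--) {
		if (cons[i])
			model_free(cons[i]->screenbuf);
		model_free(cons[i]);
		cons[i] = NULL;
	}
	lock_held = 0;	/* the error path releases the lock too */
	return -ENOMEM;
}

int main(void) { fail_at = 3; return model_con_init() == -ENOMEM && live == 0 ? 0 : 1; }
```

Setting fail_at to each allocation index in turn exercises a failure in the first slot, in a later slot's struct, and in a later slot's screen buffer; live returning to 0 shows nothing leaked.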