Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp1316146pxb; Tue, 26 Oct 2021 06:54:01 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwP5h/Ppec/IySkydIrACWTNRAeGEjAd3QEB/kvUuDoMs06O/KWJ1BF7/FkHnc4E0Pj51Ry X-Received: by 2002:a63:b204:: with SMTP id x4mr18381425pge.212.1635256440981; Tue, 26 Oct 2021 06:54:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635256440; cv=none; d=google.com; s=arc-20160816; b=ghbl6MrG9mObx6l0VNQZuf3z9RpvVia9iESephSB3Qao5p94AoYOB8amo91RLnip2Y AjhrfqTtAzayMgRv/40VPUg/zkxirksI9XJA4A7vX/qD7E03tVgRLDdV7FBe6VIUnRG8 VE0s31mG1vkuh6FKLzYy4hqlW7Drm9O+U/jj26hv4T67zMM2b/hDRkuUEtOWNnfocnJT qcn++EHgkGvOYT4++ZHhsDV2q814/zLPAh81ra80jxKcDKzBoaBh0hxDT8WHQZuwrkrE Rlc0K7WbgAi0ZjHIrV8vazc9meLIb85k5GVlEvfwEn6f3ahiJ7a+LvtI7wL11lSoIBsK pzqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:date:to:from:subject:message-id :dkim-signature; bh=jY+ZCL8Nr+lNKUZnMKzONCXhUQE14bxqJk87ik6rqUw=; b=MByaGEEH9cky7Q4duPh7b9k8DRpkVmZAhrwZWB3/5iJaEA2bn6ekdDW5MpR5E5oGxF AS97Izsyl59HaCtGEFcAja3PcmqXzkWRvMvBk5CEjIiS5ev/vTgtUE47Jhlpo6AlLvOv gT0bjNwQNvKZGgpW6gvfYfS5TPR2v9QKIflpltp3cBN8LhvqAXM+GNt7FGf6RArX59mf e5hGhXPGvXIdeEehscbfTCuTNeIiuPu6GQK7PXTiKe55PPK3mugtctL1IELv9MA3icnf pYgS85uAvTX6Hnw2iqi4qKOQxrB6GUYrl6ZmRjJZ3OyKpdzrCl+KWt18t4rpkvIZXf9q 3Ueg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=KaJvgcir; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id r195si23741017pgr.602.2021.10.26.06.53.47; Tue, 26 Oct 2021 06:54:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=KaJvgcir; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233882AbhJZKdQ (ORCPT + 99 others); Tue, 26 Oct 2021 06:33:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57300 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233600AbhJZKdM (ORCPT ); Tue, 26 Oct 2021 06:33:12 -0400 Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6F122C061745 for ; Tue, 26 Oct 2021 03:30:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Content-Transfer-Encoding:Mime-Version: Content-Type:References:In-Reply-To:Date:To:From:Subject:Message-ID:Sender: Reply-To:Cc:Content-ID:Content-Description; bh=jY+ZCL8Nr+lNKUZnMKzONCXhUQE14bxqJk87ik6rqUw=; b=KaJvgcir8yNar7MQzOg2KSEJDB g0Kj4e5vpUus+m749ihFhcYHZi3SvFLqMx+7cffN5I/64owawf6sTdKqO3I+Pm5Xw2bXAcGTN7jAN MyqCLwWj0l5+vGra/nK4Lv1lM3SvelsLaDWukQuoIkoSv+UVpBcFvfu6Rh+Y0LVsFADWHuQINtvjX jN7VDsk7U6bvIwkxTsZM4RDYp8h8ickeZLwLiWWobSqd306Lz5KjkWSxm3IyrRgtrrsCc+5T/KYsG lW3b39ulDP5BU0a1UYO788p+V6XrbrS+gCiZr13o8/9vycJ3KlKPINSdbypPtmqzLbmJa/3Tn7L38 K5p+9BxQ==; Received: from [212.102.57.91] (helo=u0c626add9cce5a.ant.amazon.com) by casper.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux)) id 1mfJi1-00GmdF-G3; Tue, 26 Oct 2021 10:29:45 +0000 Message-ID: Subject: Re: drivers/char: suspected null-pointer dereference problem in handle_control_message From: Amit Shah To: YE Chengfeng , "amit@kernel.org" , "arnd@arndb.de" , "linux-kernel@vger.kernel.org" Date: Tue, 26 Oct 2021 12:29:31 +0200 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.28.5-0ubuntu0.18.04.2 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 2021-10-26 at 06:17 +0000, YE Chengfeng wrote: > Hi, > > https://github.com/torvalds/linux/blob/master/drivers/char/virtio_console.c#L1657 > > Our experimental static analysis tool detects a suspected null-pointer-dereference problem. We manually check it, but It still could be false positive because we are not familiar with the code. We report this to you just in case. > > We notice that in some branches of switch case at line #1582, the pointer port is null check. But null check is missing at line #1657 and line #1633. It seems like a suspected null-pointer dereference pointer. Would you like to spare some time to have a look at it? For this NULL deref to happen, the host will have to send a port_name command before a port_add command. Worrying about that isn't worthwhile. If you'd like to add a generic `if (unlikely(!port))` after line 1579 there, that'd be fine as a hint to the static analysis tools, though, so just for that reason, it might be worthwhile. Amit