Date: Fri, 24 May 2024 12:23:50 -0700
From: Andrew Morton
To: Kuan-Wei Chiu
Cc: jserv@ccns.ncku.edu.tw, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] tools/lib/slab: Fix potential NULL pointer dereference in kmalloc()
Message-Id: <20240524122350.a22ca8dfe07a21f3eb862159@linux-foundation.org>
In-Reply-To: <20240524191459.949731-1-visitorckw@gmail.com>

On Sat, 25 May 2024 03:14:59 +0800 Kuan-Wei Chiu wrote:

> In kmalloc(), add a check to ensure that the pointer 'ret' is not NULL
> before attempting to memset it when the __GFP_ZERO flag is set. This
> prevents a potential NULL pointer dereference.
>
> ...
>
> --- a/tools/lib/slab.c
> +++ b/tools/lib/slab.c
> @@ -22,7 +22,7 @@ void *kmalloc(size_t size, gfp_t gfp)
> uatomic_inc(&kmalloc_nr_allocated);
> if (kmalloc_verbose)
> printf("Allocating %p from malloc\n", ret);
> - if (gfp & __GFP_ZERO)
> + if (gfp & __GFP_ZERO && ret)
> memset(ret, 0, size);
> return ret;
> }

I suspect we have a lot of unchecked mallocs in our userspace code. If
there's an argument for fixing them all(?) then it would be best to do
this in a wholesale fashion rather than patch-at-a-time piecemeal.
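
Review bot: the added `&& ret` in `if (gfp & __GFP_ZERO && ret)` guards only the memset(); in the same hunk's context, `uatomic_inc(&kmalloc_nr_allocated)` and the verbose printf() run before it, so if ret can be NULL at this point, a failed allocation is still counted as allocated. An early `if (!ret) return NULL;` ahead of the counter increment would cover the counter and the memset() together, assuming no such check already exists above the visible context. As a minor style point, writing `(gfp & __GFP_ZERO) && ret` makes the intended precedence explicit.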