Re: Potential NULL pointer deference in spi
On 10/10/19 10:31 PM, Yizhuo Zhai wrote: > Hi Eric: > > My apologies for bothering, we got those report via static analysis > and haven't got a good method to verify the path to trigger them. > Therefore I sent those email to you maintainers first since you > know much better about the details. Sorry again for your time and > I take your suggestions. My suggestion is that you need to make deep investigations on your own, before sending mails to lkml@, reaching thousands of people on the planet. Static analysis tools having too many false positive are not worth the time spent by humans. I knew nothing about drivers/spi/spi.c, but after few minutes reading the code, it was clear your report was wrong. Do not ask us to do what you should do yourself. Thanks. > > On Wed, Oct 9, 2019 at 10:48 PM Eric Dumazet wrote: >> >> >> >> On 10/9/19 10:37 PM, Yizhuo Zhai wrote: >>> Hi All: >>> >>> drivers/spi/spi.c: >>> >>> The function to_spi_device() could return NULL, but some callers >>> in this file does not check the return value while directly dereference >>> it, which seems potentially unsafe. >>> >>> Such callers include spidev_release(), spi_dev_check(), >>> driver_override_store(), etc. >>> >>> >> >> >> Many of your reports are completely bogus. >> >> I suggest you spend more time before sending such emails to very large >> audience >> and risk being ignored at some point. >> >> Thanks. > > >
Re: Potential NULL pointer deference in spi
Hi Eric: My apologies for bothering, we got those report via static analysis and haven't got a good method to verify the path to trigger them. Therefore I sent those email to you maintainers first since you know much better about the details. Sorry again for your time and I take your suggestions. On Wed, Oct 9, 2019 at 10:48 PM Eric Dumazet wrote: > > > > On 10/9/19 10:37 PM, Yizhuo Zhai wrote: > > Hi All: > > > > drivers/spi/spi.c: > > > > The function to_spi_device() could return NULL, but some callers > > in this file does not check the return value while directly dereference > > it, which seems potentially unsafe. > > > > Such callers include spidev_release(), spi_dev_check(), > > driver_override_store(), etc. > > > > > > > Many of your reports are completely bogus. > > I suggest you spend more time before sending such emails to very large > audience > and risk being ignored at some point. > > Thanks. -- Kind Regards, Yizhuo Zhai Computer Science, Graduate Student University of California, Riverside
Re: Potential NULL pointer deference in spi
On 10/9/19 10:37 PM, Yizhuo Zhai wrote: > Hi All: > > drivers/spi/spi.c: > > The function to_spi_device() could return NULL, but some callers > in this file does not check the return value while directly dereference > it, which seems potentially unsafe. > > Such callers include spidev_release(), spi_dev_check(), > driver_override_store(), etc. > > Many of your reports are completely bogus. I suggest you spend more time before sending such emails to very large audience and risk being ignored at some point. Thanks.
Potential NULL pointer deference in spi
Hi All: drivers/spi/spi.c: The function to_spi_device() could return NULL, but some callers in this file does not check the return value while directly dereference it, which seems potentially unsafe. Such callers include spidev_release(), spi_dev_check(), driver_override_store(), etc. -- Kind Regards, Yizhuo Zhai Computer Science, Graduate Student University of California, Riverside