Re: Null dereference errors in the kernel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 7/18/06, Daniel Drake <[email protected]> wrote:
Thomas Dillig wrote:
> Hello,
>
> We are PhD students at Stanford University working on a static analysis
> project called SATURN (http://glide.stanford.edu/saturn). We have
> implemented a checker that finds potential null dereference errors and
> ran our tool on the kernel version 2.6.17.1. We have identified around
> 300 potential issues related to null errors, and we've included 20
> sample reports below. If you would be interested, we can post all the
> issues we found. Also, we apologize in advance if we aren't supposed to
> post these error reports here, and we are happy to submit bug reports
> elsewhere if you tell us where to post these.

Interesting idea. I just looked at one of them out of curiosity, but I'm
not sure it is valid. Either that or I have misunderstood the problem it
is identifying?

> [13]
> 1176, 1180 drivers/char/isicom.c
> Possible null dereference of variable "tty" checked for NULL at
> (1183:drivers/char/isicom.c).

This function is part of the tty_operations API, that would be a pretty
broken interface if it provided the possibility of a NULL tty to work
on. Additionally, all of the callers seem to do this:

       tty->driver->put_char(tty, c);

If tty is NULL here, we have larger problems at hand :)


That if (!tty...) check is bogus. The tool is apparently unhappy
because the code does:

struct isi_port *port = tty->driver_data;
....
if (!tty || !port->xmit_buf)
       return;

It looks like the problem is gone in the latest -git. The same issue
is in isicom_close() WRT port argument.

--
Dmitry
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux