[PATCH] ath10k: fix potential null dereference bugs

Bob Copeland me at bobcopeland.com
Mon Jun 13 06:05:07 PDT 2016


On Mon, Jun 13, 2016 at 11:08:59AM +0200, Johannes Berg wrote:
> On Mon, 2016-06-13 at 07:39 +0200, Michal Kazior wrote:
> > FWIW all of these are false positives. I think this was already
> > pointed out some time ago. The drv_priv stuff is merely an offset
> > (see how ieee80211_vif and ieee80211_sta are defined) and the
> > according structure is always checked beforehand.

OK, fair enough, sorry for the noise.  I'm daily running sparse / smatch
on wireless-testing; although these had been around for a while they
showed up as new "errors" because of some line number changes, but I'll
squelch them going forward.

> IIRC, doing something like that can (sometimes?) still get you into
> undefined behaviour territory, so the compiler could potentially
> "optimize" away the later NULL check.

So I did just go and check the generated code for each of these cases
and gcc didn't elide the subsequent if-test, at least on x86-64 and my
compiler / build config.  Given http://lwn.net/Articles/342330, it seems
possible, though.

-- 
Bob Copeland %% http://bobcopeland.com/
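
Added example, not part of the original thread and not ath10k or mac80211 code: a minimal C sketch of the pattern under discussion, in which a driver-private area trails a public struct and is reached by offset. The flagged derive-then-check shape sits beside a check-first form. The `demo_*` types and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdlib.h>

/* Simplified stand-ins (assumed names) for ieee80211_vif and the driver's
 * private per-vif struct; the private area trails the public struct. */
struct demo_vif {
    int type;
    unsigned char drv_priv[] __attribute__((aligned(sizeof(void *))));
};

struct demo_arvif {
    int vdev_id;
};

/* Shape the static checkers flag: the private pointer is derived before the
 * NULL test. No load happens here, only base + offset, but forming the
 * address from a NULL base is what the UB concern in the thread is about. */
int vdev_id_derive_first(struct demo_vif *vif)
{
    struct demo_arvif *arvif = (void *)vif->drv_priv;

    if (!vif)
        return -1;
    return arvif->vdev_id;
}

/* Same logic with the test ahead of any use of vif, which leaves the
 * compiler nothing to reason away. */
int vdev_id_check_first(struct demo_vif *vif)
{
    struct demo_arvif *arvif;

    if (!vif)
        return -1;
    arvif = (void *)vif->drv_priv;
    return arvif->vdev_id;
}

/* Allocate a vif with room for the private area and set its id. */
struct demo_vif *demo_vif_alloc(int vdev_id)
{
    struct demo_vif *vif = calloc(1, sizeof(*vif) + sizeof(struct demo_arvif));

    if (vif)
        ((struct demo_arvif *)vif->drv_priv)->vdev_id = vdev_id;
    return vif;
}
```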