[CHECKER] 1 potential derefence of user-pointer without verification

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Rusty Russell: "Re: [PATCH] Switch ide parameters to new-style and make them unique."
• Previous message: Tuncer M \: "Re: 2.5.69 strange high tone on DELL Inspiron 8100"

Below is a warning found in pcmcia/ds.c, where user pointer is
dereferenced without check. Please confirm or clarify, Thanks!

-Junfeng

---------------------------------------------------------

[BUG] buf is tainted implies buf.win_info.handle is tainted.
pcmcia_get_mem_page dereferences its first parameter

/home/junfeng/linux-tainted/drivers/pcmcia/ds.c:814:ds_ioctl:
ERROR:TAINTED: 814:814:deref tainted component 'buf.win_info.handle'
[struct=win_info_t.handle] [type=call]

break;
case DS_GET_NEXT_WINDOW:
ret = pcmcia_get_next_window(&buf.win_info.handle,
&buf.win_info.window);
break;
case DS_GET_MEM_PAGE:

Error --->
ret = pcmcia_get_mem_page(buf.win_info.handle,
&buf.win_info.map);
break;
case DS_REPLACE_CIS:

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Rusty Russell: "Re: [PATCH] Switch ide parameters to new-style and make them unique."
• Previous message: Tuncer M \: "Re: 2.5.69 strange high tone on DELL Inspiron 8100"