Re: [PATCH v5] ptp: ocp: Limit signal/freq counts in summary output functions

From: Simon Horman
Date: Fri May 16 2025 - 05:08:50 EST

Next message: Yan Zhao: "Re: [RFC PATCH 02/21] x86/virt/tdx: Enhance tdh_mem_page_aug() to support huge pages"
Previous message: Lukas Bulwahn: "[PATCH] x86/mm: Remove duplicated word in warning message"
Next in thread: Vadim Fedorenko: "Re: [PATCH v5] ptp: ocp: Limit signal/freq counts in summary output functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, May 14, 2025 at 10:35:41AM +0300, Sagi Maimon wrote:
> The debugfs summary output could access uninitialized elements in
> the freq_in[] and signal_out[] arrays, causing NULL pointer
> dereferences and triggering a kernel Oops (page_fault_oops).
> This patch adds u8 fields (nr_freq_in, nr_signal_out) to track the
> number of initialized elements, with a maximum of 4 per array.
> The summary output functions are updated to respect these limits,
> preventing out-of-bounds access and ensuring safe array handling.
>
> Signed-off-by: Sagi Maimon <maimon.sagi@xxxxxxxxx>
> ---
> Addressed comments from Vadim Fedorenko:
> - https://www.spinics.net/lists/kernel/msg5683022.html
> Addressed comments from Jakub Kicinski:
> - https://www.spinics.net/lists/netdev/msg1091131.html
> Changes since v4:
> - remove fix from signal/freq show/store routines.

Reviewed-by: Simon Horman <horms@xxxxxxxxxx>

Next message: Yan Zhao: "Re: [RFC PATCH 02/21] x86/virt/tdx: Enhance tdh_mem_page_aug() to support huge pages"
Previous message: Lukas Bulwahn: "[PATCH] x86/mm: Remove duplicated word in warning message"
Next in thread: Vadim Fedorenko: "Re: [PATCH v5] ptp: ocp: Limit signal/freq counts in summary output functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]