Date:   Mon, 10 Dec 2018 21:18:29 +0000
From:   Jonathan Cameron <jic23@...nel.org>
To:     Martin Kepplinger <martink@...teo.de>
Cc:     knaack.h@....de, lars@...afoo.de, pmeerw@...erw.net,
        linux-iio@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] iio: accel: mma9551_core: prevent using uninitialized
 variable

On Mon, 10 Dec 2018 15:25:32 +0100
Martin Kepplinger <martink@...teo.de> wrote:

> mma9551_gpio_config()'s switch statement sets the uninitialized pol_mask
> variable but doesn't have default settings. Said function can therefore
> be called in a way to use the uninitialized variable (at least in case
> enum mma9551_gpio_pin is extended with unhandled values).
> 
> While things should be fine now, this initializes pol_mask just to prevent
> failure.
I'm unconvinced by this approach.  Should the enum be extended and have
unhandled values then the value of reg will be garbage as well.  
I'd much rather see the switch statement have a default with
appropriate error return.

Jonathan

> 
> Signed-off-by: Martin Kepplinger <martink@...teo.de>
> ---
>  drivers/iio/accel/mma9551_core.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/iio/accel/mma9551_core.c b/drivers/iio/accel/mma9551_core.c
> index c34c5ce8123b..2fc79b14888b 100644
> --- a/drivers/iio/accel/mma9551_core.c
> +++ b/drivers/iio/accel/mma9551_core.c
> @@ -539,7 +539,8 @@ EXPORT_SYMBOL(mma9551_update_config_bits);
>  int mma9551_gpio_config(struct i2c_client *client, enum mma9551_gpio_pin pin,
>  			u8 app_id, u8 bitnum, int polarity)
>  {
> -	u8 reg, pol_mask, pol_val;
> +	u8 reg, pol_val;
> +	u8 pol_mask = 0;
>  	int ret;
>  
>  	if (pin > mma9551_gpio_max) {
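
Review bot: In the declaration change at the top of mma9551_gpio_config(), only pol_mask gets an initializer, while reg on the line above (`u8 reg, pol_val;`) is still declared without one. The commit message says the switch has no default, so any pin value that passes the `pin > mma9551_gpio_max` check but matches no case would still reach the register access with an indeterminate reg, now paired with a zero mask that hides the problem from compiler warnings and static analysis. I would drop the `= 0` and instead add a `default:` case to the switch that returns an error such as -EINVAL, so an unhandled enum value fails explicitly and both variables are provably set on every path that continues.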
