lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 4 Mar 2008 00:03:00 +0800
From:	"Peter Teoh" <htmldeveloper@...il.com>
To:	"Adrian Bunk" <bunk@...nel.org>
Cc:	"Bartlomiej Zolnierkiewicz" <bzolnier@...il.com>,
	linux-ide@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: ide_register_hw(): buggy code

On Sun, Mar 2, 2008 at 11:19 PM, Adrian Bunk <bunk@...nel.org> wrote:
> The Coverity checker spotted the following bogus change to
>  ide_register_hw() in commit 9e016a719209d95338e314b46c3012cc7feaaeec:
>
>  <--  snip  -->
>
>  ...
>  +               hwif = ide_deprecated_find_port(hw->io_ports[IDE_DATA_OFFSET]);
>  +               index = hwif->index;
>  +               if (hwif)
>  +                       goto found;
>                 for (index = 0; index < MAX_HWIFS; index++)
>  ...
>
>  <--  snip  -->
>
>  It's impossible to reach the for() loop without Oopsing before.
>
>  Can you either fix this for 2.6.25 or push your patch that removes
>  ide_register_hw() for 2.6.25?
>

My question is:

a.   why is "retry=1", and then the do while loop always end up the
loop being one round executed only?   Why not just remove the while
loop entirely?

b.   not sure if your statement above implied this, but checking for
hwif!=0 should be before index.  ???

c.   "index = hwif->index;" should not be there, but after "found".
Is that correct?

int ide_register_hw(hw_regs_t *hw, void (*quirkproc)(ide_drive_t *),
                    ide_hwif_t **hwifp)
{
        int index, retry = 1;
        ide_hwif_t *hwif;
        u8 idx[4] = { 0xff, 0xff, 0xff, 0xff };

        do {
                hwif = ide_deprecated_find_port(hw->io_ports[IDE_DATA_OFFSET]);
                index = hwif->index;
                if (hwif)
                        goto found;
                for (index = 0; index < MAX_HWIFS; index++)
                        ide_unregister(index, 1, 1);
        } while (retry--);
        return -1;
found:
        if (hwif->present)


The patch I am thinking goes something like this:

--- ide/ide.c   2008-03-03 20:10:28.000000000 +0800
+++ ide/ide_new.c       2008-03-04 00:09:46.000000000 +0800
@@ -661,20 +661,18 @@ EXPORT_SYMBOL_GPL(ide_deprecated_find_po
 int ide_register_hw(hw_regs_t *hw, void (*quirkproc)(ide_drive_t *),
                    ide_hwif_t **hwifp)
 {
-       int index, retry = 1;
+       int index;
        ide_hwif_t *hwif;
        u8 idx[4] = { 0xff, 0xff, 0xff, 0xff };

-       do {
-               hwif = ide_deprecated_find_port(hw->io_ports[IDE_DATA_OFFSET]);
-               index = hwif->index;
-               if (hwif)
-                       goto found;
-               for (index = 0; index < MAX_HWIFS; index++)
-                       ide_unregister(index, 1, 1);
-       } while (retry--);
+       hwif = ide_deprecated_find_port(hw->io_ports[IDE_DATA_OFFSET]);
+       if (hwif)
+               goto found;
+       for (index = 0; index < MAX_HWIFS; index++)
+               ide_unregister(index, 1, 1);
        return -1;
 found:
+       index = hwif->index;
        if (hwif->present)
                ide_unregister(index, 0, 1);
        else if (!hwif->hold)

Please comment.

-- 
Regards,
Peter Teoh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ