lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4EAFEBBE.3070604@redhat.com>
Date:	Tue, 01 Nov 2011 10:53:18 -0200
From:	Mauro Carvalho Chehab <mchehab@...hat.com>
To:	wharms@....de
CC:	Dan Carpenter <dan.carpenter@...cle.com>,
	"Mark A. Grondona" <mgrondona@...l.gov>,
	linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [patch] edac: sb_edac: add sanity check to silence static checker

Em 01-11-2011 10:32, walter harms escreveu:
> 
> 
> Am 01.11.2011 07:28, schrieb Dan Carpenter:
>> I assume the the check on if (limit <= prv) prevents n_tads from
>> actually reaching MAX_TAD.  The problem with that is that it relies
>> on the hardware returning the right value and Smatch complains that
>> if it doesn't we could have a buffer overflow.
>>
>> Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
>> ---
>> Feel free to ignore this patch if you want.  I don't have very stong
>> feelings about this either way.
>>
>> diff --git a/drivers/edac/sb_edac.c b/drivers/edac/sb_edac.c
>> index 7a402bf..ebf386c 100644
>> --- a/drivers/edac/sb_edac.c
>> +++ b/drivers/edac/sb_edac.c
>> @@ -970,6 +970,12 @@ static int get_memory_error_data(struct mem_ctl_info *mci,
>>  			break;
>>  		prv = limit;
>>  	}
>> +	if (n_tads == MAX_TAD) {
>> +		sprintf(msg, "Could not discover the memory channel");
> 
> why the sprintf() ? can you not simply:
> 	edac_mc_handle_ce_no_info(mci,"Could not discover the memory channel");

Yes, please us the edac-specific call. I'm working on some patches that will
provide an additional functionality to those edac report calls. So, using
sprintf() won't do the right thing after applying those patches (likely for
Kernel v3.3).

> 		
> 	re,
>  	 wh
>> +		edac_mc_handle_ce_no_info(mci, msg);
>> +		return -EINVAL;
>> +	}
>> +
>>  	ch_way = TAD_CH(reg) + 1;
>>  	sck_way = TAD_SOCK(reg) + 1;
>>  	/*

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ