lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.2.10.1406041706050.2441@hadrien>
Date:	Wed, 4 Jun 2014 17:06:44 +0200 (CEST)
From:	Julia Lawall <julia.lawall@...6.fr>
To:	scameron@...rdog.cce.hp.com
cc:	Julia Lawall <Julia.Lawall@...6.fr>,
	kernel-janitors@...r.kernel.org,
	"James E.J. Bottomley" <JBottomley@...allels.com>,
	iss_storagedev@...com, linux-scsi@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 6/10] hpsa: use safer test on the result of
 find_first_zero_bit



On Wed, 4 Jun 2014, scameron@...rdog.cce.hp.com wrote:

> On Wed, Jun 04, 2014 at 11:07:56AM +0200, Julia Lawall wrote:
> > From: Julia Lawall <Julia.Lawall@...6.fr>
> >
> > Find_first_zero_bit considers BITS_PER_LONG bits at a time, and thus may
> > return a larger number than the maximum position argument if that position
> > is not a multiple of BITS_PER_LONG.
> >
> > The semantic match that finds this problem is as follows:
> > (http://coccinelle.lip6.fr/)
> >
> > // <smpl>
> > @@
> > expression e1,e2,e3;
> > statement S1,S2;
> > @@
> >
> > e1 = find_first_zero_bit(e2,e3)
> > ...
> > if (e1
> > - ==
> > + >=
> >   e3)
> > S1 else S2
> > // </smpl>
> >
> > Signed-off-by: Julia Lawall <Julia.Lawall@...6.fr>
> >
> > ---
> >  drivers/scsi/hpsa.c |    2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff -u -p a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c
> > --- a/drivers/scsi/hpsa.c
> > +++ b/drivers/scsi/hpsa.c
> > @@ -4703,7 +4703,7 @@ static struct CommandList *cmd_alloc(str
> >  	spin_lock_irqsave(&h->lock, flags);
> >  	do {
> >  		i = find_first_zero_bit(h->cmd_pool_bits, h->nr_cmds);
> > -		if (i == h->nr_cmds) {
> > +		if (i >= h->nr_cmds) {
> >  			spin_unlock_irqrestore(&h->lock, flags);
> >  			return NULL;
> >  		}
>
> Thanks, Ack.
>
> You can add
>
> Reviewed-by: Stephen M. Cameron <scameron@...rdog.cce.hp.com>
>
> to this patch if you want.
>
> You might also consider adding "Cc: stable@...r.kernel.org" to the sign-off area.

Actually, it seems that the function can never overshoot the specified
limit.  So the change is not needed.

julia
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ