| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 May 2015 23:11:56 +0200 From: Marcel Holtmann <marcel@...tmann.org> To: Geert Uytterhoeven <geert@...ux-m68k.org> Cc: "Gustavo F. Padovan" <gustavo@...ovan.org>, Johan Hedberg <johan.hedberg@...il.com>, BlueZ development <linux-bluetooth@...r.kernel.org>, netdev <netdev@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] Bluetooth: Pre-initialize variables in read_local_oob_ext_data_complete() Hi Geert, >>>>> net/bluetooth/mgmt.c: In function ‘read_local_oob_ext_data_complete’: >>>>> net/bluetooth/mgmt.c:6474: warning: ‘r256’ may be used uninitialized in this function >>>>> net/bluetooth/mgmt.c:6474: warning: ‘h256’ may be used uninitialized in this function >>>>> net/bluetooth/mgmt.c:6474: warning: ‘r192’ may be used uninitialized in this function >>>>> net/bluetooth/mgmt.c:6474: warning: ‘h192’ may be used uninitialized in this function >>>>> >>>>> While these are false positives, the code can be shortened by >>>>> pre-initializing the hash table pointers and eir_len. This has the side >>>>> effect of killing the compiler warnings. >>>> >>>> can you be a bit specific on which compiler version is this. I fixed one occurrence that seemed valid. However in this case the compiler seems to be just plain stupid. On a gcc 4.9, I am not seeing these for example. >>> >>> gcc 4.1.2. As there were too many false positives, these warnings were >>> disabled in later versions (throwing away the children with the bad water). >>> >>> If you don't like my patch, just drop it. I only look at newly >>> introduced warnings >>> of this kind anyway. >> >> I really do not know what is the best solution here. This is a false positive. And I have been looking at this particular code for a warning that was valid, but we missed initially. But these warnings that you are fixing are clearly false positive. > > I only sent patches to fix false positives if I think the patches improve the > code. As this is a subjective matter, it's up to you as the maintainer to > decide. > >> If this only happens with an old compiler version, I would tend to leave the code as is. Then again, what is the general preferred approach here? > > As this is a false positive, it's clearly up to the maintainer to > decide if the patch > improves the code or not. and in this case, I have no idea if I want to bother or not. I really just don’t. Since nobody else complained, I might just leave it as is since it really is a false positive. Regards Marcel -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists