lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <20160912084403.3577996-1-arnd@arndb.de>
Date:   Mon, 12 Sep 2016 10:43:49 +0200
From:   Arnd Bergmann <arnd@...db.de>
To:     Hans Verkuil <hverkuil@...all.nl>
Cc:     Arnd Bergmann <arnd@...db.de>,
        Mauro Carvalho Chehab <mchehab@...nel.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Johan Fjeldtvedt <jaffe1@...il.com>,
        Wei Yongjun <yongjun_wei@...ndmicro.com.cn>,
        linux-media@...r.kernel.org, devel@...verdev.osuosl.org,
        linux-kernel@...r.kernel.org
Subject: [PATCH] [media] pulse8-cec: avoid uninitialized data use

Building with -Wmaybe-uninitialized reveals the use on an uninitialized
variable containing the physical address of the device whenever
firmware before version 2 is used:

drivers/staging/media/pulse8-cec/pulse8-cec.c: In function 'pulse8_connect':
drivers/staging/media/pulse8-cec/pulse8-cec.c:447:2: error: 'pa' may be used uninitialized in this function [-Werror=maybe-uninitialized]

This sets the address to CEC_PHYS_ADDR_INVALID in this case, so we don't
try to write back the uninitialized data to the device.

Signed-off-by: Arnd Bergmann <arnd@...db.de>
Fixes: e28a6c8b3fcc ("[media] pulse8-cec: sync configuration with adapter")
---
 drivers/staging/media/pulse8-cec/pulse8-cec.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/staging/media/pulse8-cec/pulse8-cec.c b/drivers/staging/media/pulse8-cec/pulse8-cec.c
index 1158ba9f828f..64fffc709416 100644
--- a/drivers/staging/media/pulse8-cec/pulse8-cec.c
+++ b/drivers/staging/media/pulse8-cec/pulse8-cec.c
@@ -342,8 +342,10 @@ static int pulse8_setup(struct pulse8 *pulse8, struct serio *serio,
 		return err;
 	pulse8->vers = (data[0] << 8) | data[1];
 	dev_info(pulse8->dev, "Firmware version %04x\n", pulse8->vers);
-	if (pulse8->vers < 2)
+	if (pulse8->vers < 2) {
+		*pa = CEC_PHYS_ADDR_INVALID;
 		return 0;
+	}
 
 	cmd[0] = MSGCODE_GET_BUILDDATE;
 	err = pulse8_send_and_wait(pulse8, cmd, 1, cmd[0], 4);
-- 
2.9.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ