lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5755979.RXybIODAnf@wuerfel>
Date:   Thu, 10 Nov 2016 11:51:44 +0100
From:   Arnd Bergmann <arnd@...db.de>
To:     Hiep Cao Minh <cm-hiep@...so.co.jp>
Cc:     Mark Brown <broonie@...nel.org>,
        Chris Brandt <chris.brandt@...esas.com>,
        linux-spi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] spi: rspi: avoid uninitialized variable access

On Thursday, November 10, 2016 6:25:56 PM CET Hiep Cao Minh wrote:
> Hi Arnd,
> 
> Thanks for your fixed patch.
> 
> On 11/08/2016 10:46 PM, Arnd Bergmann wrote:
> > The newly introduced rspi_pio_transfer_in_or_our() function must
> > take either a valid 'rx' or 'tx' pointer, and has undefined behavior
> > if both are NULL, as found by 'gcc -Wmaybe-unintialized':
> >
> > drivers/spi/spi-rspi.c: In function 'rspi_pio_transfer_in_or_our':
> > drivers/spi/spi-rspi.c:558:5: error: 'len' may be used uninitialized in this function [-Werror=maybe-uninitialized]
> Could you tell me what kind of GCC are you using?
> I'd like to reproduce it on my environment, too.
> I am using the Linaro's gcc of 
> "gcc-linaro-arm-linux-gnueabihf-4.8-2014.04_linux".
> But there is no error message like this on my environment.

The warning is currently disabled in mainline Linux, but I'm trying to
address this and hope to still get a revert of 6e8d666e9253 ("Disable
"maybe-uninitialized" warning globally") into v4.9.

You can build with "make EXTRA_CFLAGS=-Wmaybe-uninitialized" in
the meantime.

	Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ