lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 22 Nov 2016 15:32:54 +0100
From:   Arnd Bergmann <arnd@...db.de>
To:     "Martin K. Petersen" <martin.petersen@...cle.com>
Cc:     Hannes Reinecke <hare@...e.com>, Arnd Bergmann <arnd@...db.de>,
        Don Brace <don.brace@...rosemi.com>,
        "James E.J. Bottomley" <jejb@...ux.vnet.ibm.com>,
        Kevin Barnett <kevin.barnett@...rosemi.com>,
        Scott Teel <scott.teel@...rosemi.com>,
        Justin Lindley <justin.lindley@...rosemi.com>,
        esc.storagedev@...rosemi.com, linux-scsi@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: [PATCH] scsi: hpsa: fix uninitialized variable access

A bugfix has left the 'sd' variable uninitialized:

drivers/scsi/hpsa.c: In function 'hpsa_slave_alloc':
drivers/scsi/hpsa.c:2033:5: error: 'sd' may be used uninitialized in this function [-Werror=maybe-uninitialized]

This reverts back to calling lookup_hpsa_scsi_dev() for the
HPSA_PHYSICAL_DEVICE_BUS case, but also keeps doing that when
hpsa_find_device_by_sas_rphy() returns NULL, as is currently
done.

The patch that caused this is marked for stable backports,
so this one has to be backported on top as well.

Fixes: 4eb307f7b18d ("scsi: hpsa: use bus '3' for legacy HBA devices")
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
I did not try hard to figure out what the correct behavior
should be, so please treat this as a bugreport that might contain
the right fix.
---
 drivers/scsi/hpsa.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c
index ea64c01f3d42..d17ee63045c3 100644
--- a/drivers/scsi/hpsa.c
+++ b/drivers/scsi/hpsa.c
@@ -2029,7 +2029,10 @@ static int hpsa_slave_alloc(struct scsi_device *sdev)
 			sd->target = sdev_id(sdev);
 			sd->lun = sdev->lun;
 		}
+	} else {
+		sd = NULL;
 	}
+
 	if (!sd)
 		sd = lookup_hpsa_scsi_dev(h, sdev_channel(sdev),
 					sdev_id(sdev), sdev->lun);
-- 
2.9.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ