| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 17 May 2017 21:44:16 +0200
From: Arnd Bergmann <arnd@...db.de>
To: Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com>,
Jiri Kosina <jikos@...nel.org>
Cc: linux-input@...r.kernel.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Arnd Bergmann <arnd@...db.de>
Subject: Re: [PATCH 1/5] HID: intel_ish-hid: fix potential uninitialized data usage
On Tue, May 16, 2017 at 1:09 PM, Arnd Bergmann <arnd@...db.de> wrote:
> gcc points out an uninialized pointer dereference that could happen
> if we ever get to recv_ishtp_cl_msg_dma() or recv_ishtp_cl_msg()
> with an empty &dev->read_list:
>
> drivers/hid/intel-ish-hid/ishtp/client.c: In function 'recv_ishtp_cl_msg_dma':
> drivers/hid/intel-ish-hid/ishtp/client.c:1049:3: error: 'cl' may be used uninitialized in this function [-Werror=maybe-uninitialized]
>
> The warning only appeared in very few randconfig builds, as the
> spinlocks tend to prevent gcc from tracing the variables. I only
> saw it in configurations that had neither SMP nor LOCKDEP enabled.
>
> I have not been able to figure out whether this case can happen in
> practice, but it's better to be defensive here and handle the case
> explicitly by returning from the function.
>
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
Embarrassingly, this did not fix the warning in all cases after all, I ran
into the same warning with the patch applied now. The other patches
in the series are probably still good, but they might not apply without
the first, so I'll have to come up with a better fix here and resend the
series.
Arnd
Powered by blists - more mailing lists