lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <f372a1cb-e255-b5de-510d-77ca944903b3@st.com> Date: Thu, 14 Sep 2017 18:55:55 +0200 From: Ludovic BARRE <ludovic.barre@...com> To: Geert Uytterhoeven <geert@...ux-m68k.org> CC: Arnd Bergmann <arnd@...db.de>, Cyrille Pitchen <cyrille.pitchen@...ev4u.fr>, Marek Vasut <marek.vasut@...il.com>, Boris Brezillon <boris.brezillon@...e-electrons.com>, Alexandre Torgue <alexandre.torgue@...com>, Richard Weinberger <richard@....at>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, MTD Maling List <linux-mtd@...ts.infradead.org>, "linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>, Maxime Coquelin <mcoquelin.stm32@...il.com>, Brian Norris <computersforpeace@...il.com>, David Woodhouse <dwmw2@...radead.org> Subject: Re: [PATCH] mtd: spi-nor: stm32-quadspi: avoid unintialized return code On 09/14/2017 05:24 PM, Geert Uytterhoeven wrote: > Hi Ludovic, > > On Thu, Sep 14, 2017 at 5:13 PM, Ludovic BARRE <ludovic.barre@...com> wrote: >> On 09/14/2017 03:38 PM, Geert Uytterhoeven wrote: >>> On Thu, Sep 14, 2017 at 1:06 PM, Arnd Bergmann <arnd@...db.de> wrote: >>>> If we send zero-length data to stm32_qspi_tx_poll() on older >>>> compiler versions such as gcc-4.6, we get warned that the >>>> return code is uninitialized: >>>> >>>> drivers/mtd/spi-nor/stm32-quadspi.c:248:2: error: ‘ret’ may be used >>>> uninitialized in this function [-Werror=uninitialized] >>>> >>>> On newer compiler versions, the return code is always zero >>>> in this case, as the local variable gets optimized away and >>>> is assumed to be zero after the loop completes without error. >>>> >>>> This changes the function to instead return -EINVAL if it >>>> ever gets called with a zero length buffer. >>>> >>>> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82203 >>>> Signed-off-by: Arnd Bergmann <arnd@...db.de> >>>> --- >>>> drivers/mtd/spi-nor/stm32-quadspi.c | 2 +- >>>> 1 file changed, 1 insertion(+), 1 deletion(-) >>>> >>>> diff --git a/drivers/mtd/spi-nor/stm32-quadspi.c >>>> b/drivers/mtd/spi-nor/stm32-quadspi.c >>>> index 86c0931543c5..711cfe7aa4bf 100644 >>>> --- a/drivers/mtd/spi-nor/stm32-quadspi.c >>>> +++ b/drivers/mtd/spi-nor/stm32-quadspi.c >>>> @@ -227,7 +227,7 @@ static int stm32_qspi_tx_poll(struct stm32_qspi >>>> *qspi, >>>> void (*tx_fifo)(u8 *, void __iomem *); >>>> u32 len = cmd->len, sr; >>>> u8 *buf = cmd->buf; >>>> - int ret; >>>> + int ret = -EINVAL; >>>> >>>> if (cmd->qspimode == CCR_FMODE_INDW) >>>> tx_fifo = stm32_qspi_write_fifo; >>> >>> >>> See also "[PATCH] mtd: spi-nor: stm32-quadspi: Fix uninitialized error >>> return code" >>> (https://patchwork.kernel.org/patch/9842173/) >> >> hi Arnd, Geert >> >> sorry, I was forgot this thread while my holidays >> >> Geert: what do you mean like "similar bugs in the future" in "If you >> initialized ret at the beginning, you lose the ability to catch newly >> introduced similar bugs in the future." > > If you pre-initialize ret at the top, you loose the ability of the compiler > to detect at compile-time if ret is never written to later. It will just return > -EINVAL at runtime. > > With my version, if the code is modified later and another "return ret" is > added, the compiler will detect if there's a code path that forgets > to assign a value to ret. Ok, it's clear for me. I favor geert's solution. Arnd what do you think ? > > Gr{oetje,eeting}s, > > Geert > > -- > Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org > > In personal conversations with technical people, I call myself a hacker. But > when I'm talking to journalists I just say "programmer" or something like that. > -- Linus Torvalds >
Powered by blists - more mailing lists