| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3629896.LZWARU6us7@blindfold>
Date: Sun, 17 Sep 2017 18:53:28 +0200
From: Richard Weinberger <richard@....at>
To: Geert Uytterhoeven <geert@...ux-m68k.org>
Cc: Artem Bityutskiy <dedekind1@...il.com>,
Adrian Hunter <adrian.hunter@...el.com>,
Hyunchul Lee <hyc.lee@...il.com>,
Colin Ian King <colin.king@...onical.com>,
Dan Carpenter <dan.carpenter@...cle.com>,
linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ubifs: Fix uninitialized variable in search_dh_cookie()
Am Sonntag, 17. September 2017, 10:32:20 CEST schrieb Geert Uytterhoeven:
> fs/ubifs/tnc.c: In function ‘search_dh_cookie’:
> fs/ubifs/tnc.c:1893: warning: ‘err’ is used uninitialized in this function
>
> Indeed, err is always used uninitialized.
>
> According to an original review comment from Hyunchul, acknowledged by
> Richard, err should be initialized to -ENOENT to avoid the first call to
> tnc_next(). But we can achieve the same by reordering the code.
>
> Reported-by: Hyunchul Lee <hyc.lee@...il.com>
> Signed-off-by: Geert Uytterhoeven <geert@...ux-m68k.org>
> ---
> Compile-tested only.
>
> Still needed in v4.14-rc1, so I'm sending out the patch I wrote in July.
> This avoids initializing err at the top, so we don't loose the ability to
> catch future uninitialized use.
Geez. ;-\
Applied for 4.14-rc2.
Thanks,
//richard
Powered by blists - more mailing lists