lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Sun, 17 Sep 2017 18:53:28 +0200
From:   Richard Weinberger <richard@....at>
To:     Geert Uytterhoeven <geert@...ux-m68k.org>
Cc:     Artem Bityutskiy <dedekind1@...il.com>,
        Adrian Hunter <adrian.hunter@...el.com>,
        Hyunchul Lee <hyc.lee@...il.com>,
        Colin Ian King <colin.king@...onical.com>,
        Dan Carpenter <dan.carpenter@...cle.com>,
        linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ubifs: Fix uninitialized variable in search_dh_cookie()

Am Sonntag, 17. September 2017, 10:32:20 CEST schrieb Geert Uytterhoeven:
> fs/ubifs/tnc.c: In function ‘search_dh_cookie’:
> fs/ubifs/tnc.c:1893: warning: ‘err’ is used uninitialized in this function
> 
> Indeed, err is always used uninitialized.
> 
> According to an original review comment from Hyunchul, acknowledged by
> Richard, err should be initialized to -ENOENT to avoid the first call to
> tnc_next().  But we can achieve the same by reordering the code.
> 
> Reported-by: Hyunchul Lee <hyc.lee@...il.com>
> Signed-off-by: Geert Uytterhoeven <geert@...ux-m68k.org>
> ---
> Compile-tested only.
> 
> Still needed in v4.14-rc1, so I'm sending out the patch I wrote in July.
> This avoids initializing err at the top, so we don't loose the ability to
> catch future uninitialized use.

Geez. ;-\
Applied for 4.14-rc2.

Thanks,
//richard

Powered by blists - more mailing lists