lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Sep 2017 11:39:45 +0200 From: Boris Brezillon <boris.brezillon@...e-electrons.com> To: Richard Weinberger <richard@....at> Cc: linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org, marek.vasut@...il.com, cyrille.pitchen@...ev4u.fr, computersforpeace@...il.com, dwmw2@...radead.org Subject: Re: [PATCH] mtd: spi-nor: Check for spi_nor_hwcaps_read2cmd() return value On Sun, 17 Sep 2017 11:57:50 +0200 Richard Weinberger <richard@....at> wrote: > The function can return a negativ value in case of errors, > don't use it blindly as array index. > > Detected by CoverityScan CID#1418067 ("Memory - illegal accesses") > Fixes: f384b352cbf0 ("mtd: spi-nor: parse Serial Flash Discoverable > Parameters (SFDP) tables") Hm, not sure but I think "Fixes:" should not be wrapped. > Signed-off-by: Richard Weinberger <richard@....at> > --- > drivers/mtd/spi-nor/spi-nor.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/mtd/spi-nor/spi-nor.c b/drivers/mtd/spi-nor/spi-nor.c > index cf1d4a15e10a..d71765739a93 100644 > --- a/drivers/mtd/spi-nor/spi-nor.c > +++ b/drivers/mtd/spi-nor/spi-nor.c > @@ -2145,6 +2145,9 @@ static int spi_nor_parse_bfpt(struct spi_nor *nor, > > params->hwcaps.mask |= rd->hwcaps; > cmd = spi_nor_hwcaps_read2cmd(rd->hwcaps); > + if (cmd < 0) > + return -EINVAL; Why not returning cmd directly? > + > read = ¶ms->reads[cmd]; > half = bfpt.dwords[rd->settings_dword] >> rd->settings_shift; > spi_nor_set_read_settings_from_bfpt(read, half, rd->proto);
Powered by blists - more mailing lists