lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Sep 2017 15:39:25 +0200 From: Richard Weinberger <richard@....at> To: Boris Brezillon <boris.brezillon@...e-electrons.com> Cc: linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org, marek.vasut@...il.com, cyrille.pitchen@...ev4u.fr, computersforpeace@...il.com, dwmw2@...radead.org Subject: Re: [PATCH] mtd: spi-nor: Check for spi_nor_hwcaps_read2cmd() return value Am Montag, 18. September 2017, 11:39:45 CEST schrieb Boris Brezillon: > On Sun, 17 Sep 2017 11:57:50 +0200 > > Richard Weinberger <richard@....at> wrote: > > The function can return a negativ value in case of errors, > > don't use it blindly as array index. > > > > Detected by CoverityScan CID#1418067 ("Memory - illegal accesses") > > Fixes: f384b352cbf0 ("mtd: spi-nor: parse Serial Flash Discoverable > > Parameters (SFDP) tables") > > Hm, not sure but I think "Fixes:" should not be wrapped. Hmm, vi tried to be smart. ;-\ > > > Signed-off-by: Richard Weinberger <richard@....at> > > --- > > > > drivers/mtd/spi-nor/spi-nor.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/drivers/mtd/spi-nor/spi-nor.c b/drivers/mtd/spi-nor/spi-nor.c > > index cf1d4a15e10a..d71765739a93 100644 > > --- a/drivers/mtd/spi-nor/spi-nor.c > > +++ b/drivers/mtd/spi-nor/spi-nor.c > > @@ -2145,6 +2145,9 @@ static int spi_nor_parse_bfpt(struct spi_nor *nor, > > > > params->hwcaps.mask |= rd->hwcaps; > > cmd = spi_nor_hwcaps_read2cmd(rd->hwcaps); > > > > + if (cmd < 0) > > + return -EINVAL; > > Why not returning cmd directly? I thought about that too but the only other user of that function also returns -EINVAL upon error. Maybe Cyrille can give more input whether we should propagate spi_nor_hwcaps_read2cmd()'s return values or not. Thanks, //richard
Powered by blists - more mailing lists