lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <45983c6e-6fff-0712-b84d-5ae18c830872@wedev4u.fr>
Date:   Tue, 19 Sep 2017 19:10:35 +0200
From:   Cyrille Pitchen <cyrille.pitchen@...ev4u.fr>
To:     Boris Brezillon <boris.brezillon@...e-electrons.com>,
        Richard Weinberger <richard@....at>
Cc:     linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org,
        computersforpeace@...il.com, dwmw2@...radead.org
Subject: Re: [PATCH] mtd: spi-nor: Kill check with no effect

Hi Richard,

Le 18/09/2017 à 11:44, Boris Brezillon a écrit :
> On Sun, 17 Sep 2017 16:13:52 +0200
> Richard Weinberger <richard@....at> wrote:
> 
>> header.major is of type u8 and cannot be negative.
> 
> I guess you meant header.minor here.
> 
>>
>> Detected by CoverityScan CID#1417858 ("Integer handling issues")
>>
>> Fixes: f384b352cbf0 ("mtd: spi-nor: parse Serial Flash Discoverable
>> Parameters (SFDP) tables")
>> Signed-off-by: Richard Weinberger <richard@....at>
>> ---
>> Cyrille,
>>
>> I'm not sure what exactly you wanted to test.
>> Maybe it makes sense casting header.major to s8 before checking against < 0?
>>

Actually I hesitated between checking the exact match with one of the 3
major.minor pairs defined for each version of the JESD216 specification:

JESD216: 1.0
JESD216 rev A: 1.5
JESD216 rev B (the latest one): 1.6

I was wondering whether I should accept 1.1, 1.2, 1.3 and 1.4
(unofficial) pairs too and also later versions, which should be backward
compatible with JESD216 rev B, like rev B is backward compatible with
rev A and so on...

Finally I've chosen to accept everything after 1.0 to give a chance to
next revisions to be supported as much as possible by the current code.
The major number should not change but actually the test upon the minor
value is useless as every unsigned number is greater than or equal to 0 ;)

So once Boris comment taken into account:

Acked-by: Cyrille Pitchen <cyrille.pitchen@...ev4u.fr>

Best regards,

Cyrille

>> Thanks,
>> //richard
>> ---
>>  drivers/mtd/spi-nor/spi-nor.c | 3 +--
>>  1 file changed, 1 insertion(+), 2 deletions(-)
>>
>> diff --git a/drivers/mtd/spi-nor/spi-nor.c b/drivers/mtd/spi-nor/spi-nor.c
>> index d71765739a93..4b86decdf13e 100644
>> --- a/drivers/mtd/spi-nor/spi-nor.c
>> +++ b/drivers/mtd/spi-nor/spi-nor.c
>> @@ -2252,8 +2252,7 @@ static int spi_nor_parse_sfdp(struct spi_nor *nor,
>>  
>>  	/* Check the SFDP header version. */
>>  	if (le32_to_cpu(header.signature) != SFDP_SIGNATURE ||
>> -	    header.major != SFDP_JESD216_MAJOR ||
>> -	    header.minor < SFDP_JESD216_MINOR)
>> +	    header.major != SFDP_JESD216_MAJOR)
>>  		return -EINVAL;
>>  
>>  	/*
> 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ