lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 7 Mar 2018 16:40:05 -0600
From:   "Gustavo A. R. Silva" <garsilva@...eddedor.com>
To:     Alexandre Belloni <alexandre.belloni@...tlin.com>,
        "Gustavo A. R. Silva" <gustavo@...eddedor.com>
Cc:     Alessandro Zummo <a.zummo@...ertech.it>, linux-rtc@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] rtc: remove VLA usage

Hi Alexandre,

On 03/07/2018 03:25 PM, Alexandre Belloni wrote:
> On 07/03/2018 at 14:11:33 -0600, Gustavo A. R. Silva wrote:
>> In preparation to enabling -Wvla, remove VLA and replace it
>> with a fixed-length array instead.
>>
> You should probably explain what VLA is and why this is important to do.

Sure. I can elaborate a little bit more.

>> Signed-off-by: Gustavo A. R. Silva <gustavo@...eddedor.com>
>> ---
>>   drivers/rtc/rtc-bq32k.c  | 2 +-
>>   drivers/rtc/rtc-mcp795.c | 2 +-
>>   2 files changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/drivers/rtc/rtc-bq32k.c b/drivers/rtc/rtc-bq32k.c
>> index e8698e9..e4b234a 100644
>> --- a/drivers/rtc/rtc-bq32k.c
>> +++ b/drivers/rtc/rtc-bq32k.c
>> @@ -74,7 +74,7 @@ static int bq32k_read(struct device *dev, void *data, uint8_t off, uint8_t len)
>>   static int bq32k_write(struct device *dev, void *data, uint8_t off, uint8_t len)
>>   {
>>   	struct i2c_client *client = to_i2c_client(dev);
>> -	uint8_t buffer[len + 1];
>> +	uint8_t buffer[256];
>>   
> You chose to change len to 255, probably because this is a uint8_t but

Correct.

> this is way too much for this rtc, it only has 10 consecutive registers.

In that case probably the best solution is to add the following line to 
the module:

#define MAX_LEN 10

and update the rest of the code as follows:

uint8_t buffer[MAX_LEN + 1];


>>   	buffer[0] = off;
>>   	memcpy(&buffer[1], data, len);
>> diff --git a/drivers/rtc/rtc-mcp795.c b/drivers/rtc/rtc-mcp795.c
>> index 79e24ea..00e11c1 100644
>> --- a/drivers/rtc/rtc-mcp795.c
>> +++ b/drivers/rtc/rtc-mcp795.c
>> @@ -82,7 +82,7 @@ static int mcp795_rtcc_write(struct device *dev, u8 addr, u8 *data, u8 count)
>>   {
>>   	struct spi_device *spi = to_spi_device(dev);
>>   	int ret;
>> -	u8 tx[2 + count];
>> +	u8 tx[257];

For this particular case it seems to me that the following works just fine:

#define MAX_COUNT 7

u8 tx[MAX_COUNT + 2];

What do you think?

Thanks for your feedback.
--
Gustavo

>>   
>>   	tx[0] = MCP795_WRITE;
>>   	tx[1] = addr;
>> -- 
>> 2.7.4
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ