| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 9 Oct 2018 20:25:16 +0000
From: Sergey Matyukevich <sergey.matyukevich.os@...ntenna.com>
To: Arnd Bergmann <arnd@...db.de>
CC: Igor Mitsyanko <imitsyanko@...ntenna.com>,
Igor Mitsyanko <igor.mitsyanko.os@...ntenna.com>,
Avinash Patil <avinashp@...ntenna.com>,
Sergey Matyukevich <smatyukevich@...ntenna.com>,
Kalle Valo <kvalo@...eaurora.org>,
"David S. Miller" <davem@...emloft.net>,
Andrey Shevchenko <ashevchenko@...ntenna.com>,
"linux-wireless@...r.kernel.org" <linux-wireless@...r.kernel.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] qtnfmac: avoid uninitialized variable access
Hello Arnd,
> When qtnf_trans_send_cmd_with_resp() fails, we have not yet initialized
> 'resp', as pointed out by a valid gcc warning:
>
> drivers/net/wireless/quantenna/qtnfmac/commands.c: In function 'qtnf_cmd_send_with_reply':
> drivers/net/wireless/quantenna/qtnfmac/commands.c:133:54: error: 'resp' may be used uninitialized in this function [-Werror=maybe-uninitialized]
>
> Since 'resp_skb' is also not set here, we can skip all further
> processing and just print the warning and return the failure code.
>
> Fixes: c6ed298ffe09 ("qtnfmac: cleanup and unify command error handling")
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
Thanks for the patch! And for reminding me that I forgot to enable
gcc warnings in CI builds in addition to sparse checks.
Reviewed-by: Sergey Matyukevich <sergey.matyukevich.os@...ntenna.com>
Regards,
Sergey
Powered by blists - more mailing lists