lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 24 Apr 2019 15:31:23 +0000
From:   Nixiaoming <nixiaoming@...wei.com>
To:     Stephen Boyd <sboyd@...nel.org>,
        "jbrunet@...libre.com" <jbrunet@...libre.com>,
        "mojha@...eaurora.org" <mojha@...eaurora.org>,
        "mturquette@...libre.com" <mturquette@...libre.com>,
        "sboyd@...eaurora.org" <sboyd@...eaurora.org>,
        "soren.brinkmann@...inx.com" <soren.brinkmann@...inx.com>
CC:     "linux-clk@...r.kernel.org" <linux-clk@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH v3 1/2] clk:Fix divide-by-zero in
 divider_ro_round_rate_parent

On Wed, Apr 24, 2019 at 6:52 AM Stephen Boyd <sboyd@...nel.org> wrote:
>Quoting nixiaoming (2019-03-30 06:54:50)
>> In the function divider_recalc_rate() The judgment of the return value of
>> _get_div() indicates that the return value of _get_div() can be 0.
>
>When does _get_div() return 0? It can't be CLK_DIVIDER_MAX_AT_ZERO or
>CLK_DIVIDER_POWER_OF_TWO. I suppose it could be CLK_DIVIDER_ONE_BASED if
>CLK_DIVIDER_ALLOW_ZERO is set? Or just CLK_DIVIDER_ALLOW_ZERO is set? Or
>a table that has 0 in it for some odd reason.
>
divider_ro_round_rate_parent() is an exported function.
There is no parameter check or return value check before 
and after calling _get_div(), which may result in a divide by zero error.

Case1: The "flags" contains CLK_DIVIDER_ONE_BASED, and "val" is 0.
Case2: The "flags" does not contain CLK_DIVIDER_ONE_BASED, 
    CLK_DIVIDER_POWER_OF_TWO, CLK_DIVIDER_MAX_AT_ZERO,  
    "table" is NULL.  "val" is 0xffffffff
In both cases _get_div() returns 0

>> In order to avoid the divide-by-zero error, add check for return value
>> of _get_div() in the divider_ro_round_rate_parent()
>> 
>> Signed-off-by: nixiaoming <nixiaoming@...wei.com>
>> Reviewed-by: Mukesh Ojha <mojha@...eaurora.org>
>> ---
>>  drivers/clk/clk-divider.c | 3 +++
>>  1 file changed, 3 insertions(+)
>> 
>> diff --git a/drivers/clk/clk-divider.c b/drivers/clk/clk-divider.c
>> index e5a1726..f4bf7a4 100644
>> --- a/drivers/clk/clk-divider.c
>> +++ b/drivers/clk/clk-divider.c
>> @@ -347,6 +347,9 @@ long divider_ro_round_rate_parent(struct clk_hw *hw, struct clk_hw *parent,
>>         int div;
>>  
>>         div = _get_div(table, val, flags, width);
>> +       /* avoid divide-by-zero */
>> +       if (!div)
>> +               return -EINVAL;
>
>Can you please give more details on what's happening here? Who's the
>caller? What are the arguments being passed in? Shouldn't we check for
>CLK_DIVIDER_ALLOW_ZERO and then return prate as it comes in instead of
>returning an error?
>
I found that there may be a divide-by-zero error by code review,
 for example: "flags" is CLK_DIVIDER_ONE_BASED and "val" is 0.
So simply add a return value check to avoid divide-by-zero

thanks for your suggestion, 
I will resend the patch later
refer to your advice and divider_recalc_rate() to add a check for CLK_DIVIDER_ALLOW_ZERO

thanks

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ