lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Jun 2019 09:32:37 +0100 From: Colin Ian King <colin.king@...onical.com> To: Martin Blumenstingl <martin.blumenstingl@...glemail.com> Cc: alexandre.torgue@...com, davem@...emloft.net, joabreu@...opsys.com, kernel-janitors@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, linux-stm32@...md-mailman.stormreply.com, mcoquelin.stm32@...il.com, netdev@...r.kernel.org, peppe.cavallaro@...com Subject: Re: [PATCH] net: stmmac: add sanity check to device_property_read_u32_array call On 28/06/2019 05:15, Martin Blumenstingl wrote: > On Tue, Jun 25, 2019 at 9:58 AM Colin Ian King <colin.king@...onical.com> wrote: >> >> On 25/06/2019 05:44, Martin Blumenstingl wrote: >>> Hi Colin, >>> >>> On Thu, Jun 20, 2019 at 3:34 AM Martin Blumenstingl >>> <martin.blumenstingl@...glemail.com> wrote: >>>> >>>> Hi Colin, >>>> >>>> On Wed, Jun 19, 2019 at 8:55 AM Colin Ian King <colin.king@...onical.com> wrote: >>>>> >>>>> On 19/06/2019 06:13, Martin Blumenstingl wrote: >>>>>> Hi Colin, >>>>>> >>>>>>> Currently the call to device_property_read_u32_array is not error checked >>>>>>> leading to potential garbage values in the delays array that are then used >>>>>>> in msleep delays. Add a sanity check to the property fetching. >>>>>>> >>>>>>> Addresses-Coverity: ("Uninitialized scalar variable") >>>>>>> Signed-off-by: Colin Ian King <colin.king@...onical.com> >>>>>> I have also sent a patch [0] to fix initialize the array. >>>>>> can you please look at my patch so we can work out which one to use? >>>>>> >>>>>> my concern is that the "snps,reset-delays-us" property is optional, >>>>>> the current dt-bindings documentation states that it's a required >>>>>> property. in reality it isn't, there are boards (two examples are >>>>>> mentioned in my patch: [0]) without it. >>>>>> >>>>>> so I believe that the resulting behavior has to be: >>>>>> 1. don't delay if this property is missing (instead of delaying for >>>>>> <garbage value> ms) >>>>>> 2. don't error out if this property is missing >>>>>> >>>>>> your patch covers #1, can you please check whether #2 is also covered? >>>>>> I tested case #2 when submitting my patch and it worked fine (even >>>>>> though I could not reproduce the garbage values which are being read >>>>>> on some boards) >>> in the meantime I have tested your patch. >>> when I don't set the "snps,reset-delays-us" property then I get the >>> following error: >>> invalid property snps,reset-delays-us >>> >>> my patch has landed in the meantime: [0] >>> how should we proceed with your patch? Your fix is good, so I think we should just drop/forget about my fix. Colin >> >> I'm out of the office today. I'll get back to you on this tomorrow. > gentle ping > (I will be away for the weekend but I can reply on Monday) >
Powered by blists - more mailing lists