lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200125100011.GK8375@localhost>
Date:   Sat, 25 Jan 2020 11:00:11 +0100
From:   Johan Hovold <johan@...nel.org>
To:     Saurav Girepunje <saurav.girepunje@...il.com>
Cc:     vireshk@...nel.org, johan@...nel.org, elder@...nel.org,
        gregkh@...uxfoundation.org, greybus-dev@...ts.linaro.org,
        devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org,
        saurav.girepunje@...mail.com
Subject: Re: [PATCH] staging: greybus: bootrom: fix uninitialized variables

On Sat, Jan 25, 2020 at 02:14:03PM +0530, Saurav Girepunje wrote:
> fix uninitialized variables issue found using static code analysis tool

Which tool is that?

> (error) Uninitialized variable: offset
> (error) Uninitialized variable: size
>
> Signed-off-by: Saurav Girepunje <saurav.girepunje@...il.com>
> ---
>   drivers/staging/greybus/bootrom.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/staging/greybus/bootrom.c b/drivers/staging/greybus/bootrom.c
> index a8efb86..9eabeb3 100644
> --- a/drivers/staging/greybus/bootrom.c
> +++ b/drivers/staging/greybus/bootrom.c
> @@ -245,7 +245,7 @@ static int gb_bootrom_get_firmware(struct gb_operation *op)
>   	struct gb_bootrom_get_firmware_request *firmware_request;
>   	struct gb_bootrom_get_firmware_response *firmware_response;
>   	struct device *dev = &op->connection->bundle->dev;
> -	unsigned int offset, size;
> +	unsigned int offset = 0, size = 0;
>   	enum next_request_type next_request;
>   	int ret = 0;

I think this has come up in the past, and while the code in question is
overly complicated and confuses static checkers as well as humans, it
looks correct to me.

Please make sure to verify the output of any tools before posting
patches based on them.

Johan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ