lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <275d6509-ebd2-f00e-176d-abf97ae834da@linaro.org>
Date:   Mon, 27 Jan 2020 08:10:02 -0600
From:   Alex Elder <elder@...aro.org>
To:     SAURAV GIREPUNJE <saurav.girepunje@...il.com>,
        Johan Hovold <johan@...nel.org>
Cc:     devel@...verdev.osuosl.org, elder@...nel.org, vireshk@...nel.org,
        linux-kernel@...r.kernel.org, greybus-dev@...ts.linaro.org
Subject: Re: [greybus-dev] [PATCH] staging: greybus: bootrom: fix
 uninitialized variables

On 1/25/20 6:14 AM, SAURAV GIREPUNJE wrote:
> On 25/01/20 11:00 +0100, Johan Hovold wrote:
>> On Sat, Jan 25, 2020 at 02:14:03PM +0530, Saurav Girepunje wrote:
>>> fix uninitialized variables issue found using static code analysis tool
>>
>> Which tool is that?
>>
>>> (error) Uninitialized variable: offset
>>> (error) Uninitialized variable: size
>>>
>>> Signed-off-by: Saurav Girepunje <saurav.girepunje@...il.com>
>>> ---
>>>   drivers/staging/greybus/bootrom.c | 2 +-
>>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/drivers/staging/greybus/bootrom.c b/drivers/staging/greybus/bootrom.c
>>> index a8efb86..9eabeb3 100644
>>> --- a/drivers/staging/greybus/bootrom.c
>>> +++ b/drivers/staging/greybus/bootrom.c
>>> @@ -245,7 +245,7 @@ static int gb_bootrom_get_firmware(struct gb_operation *op)
>>>       struct gb_bootrom_get_firmware_request *firmware_request;
>>>       struct gb_bootrom_get_firmware_response *firmware_response;
>>>       struct device *dev = &op->connection->bundle->dev;
>>> -    unsigned int offset, size;
>>> +    unsigned int offset = 0, size = 0;
>>>       enum next_request_type next_request;
>>>       int ret = 0;
>>
>> I think this has come up in the past, and while the code in question is
>> overly complicated and confuses static checkers as well as humans, it
>> looks correct to me.
>>
>> Please make sure to verify the output of any tools before posting
>> patches based on them.
>>
>> Johan
> I used cppcheck tool .

Implied in Johan's question is a suggestion.

When you propose a patch that addresses something flagged by a
tool of some kind, it is good practice to identify the tool in
the patch description, and even better, give an example of how
the tool was invoked when reported the problem you're fixing.
Sometimes people even include the output of the tool, though
I think that can sometimes be a bit much.

And as you have now heard several times, do not blindly trust
the output of these tools.  They're intended to call attention
to things for you to examine; they are no match for a human,
and things they tell you about are not guaranteed to be real
problems.

					-Alex

> _______________________________________________ 
> greybus-dev mailing list
> greybus-dev@...ts.linaro.org
> https://lists.linaro.org/mailman/listinfo/greybus-dev

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ