| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 6 Jun 2020 18:16:23 +0300
From: Vasily Averin <vvs@...tuozzo.com>
To: Gao Xiang <hsiangkao@....com>, Yann Collet <cyan@...com>
Cc: linux-kernel@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
Gao Xiang <xiang@...nel.org>
Subject: Re: [PATCH] lib/lz4: smatch warning in LZ4_decompress_generic()
Dear Yann,
could you please consult us about your lz4 pacth
https://github.com/lz4/lz4/commit/1a191b3f8d26b50a7c1d41590b529ec308d768cd
Please see details below.
Thank you,
Vasily Averin
On 6/6/20 5:36 PM, Gao Xiang wrote:
> On Sat, Jun 06, 2020 at 04:28:02PM +0300, Vasily Averin wrote:
>> Found by smatch:
>> lib/lz4/lz4_decompress.c:150 LZ4_decompress_generic() warn: maybe use && instead of &
>> It was realy incorrectly copied from
>> https://github.com/lz4/lz4/commit/45f8603aae389d34c689d3ff7427b314071ccd2c
>> line 1431
>
> Simply no.
>
>>
>> Fixes: 2209fda323e2 ("lib/lz4: update LZ4 decompressor module")
>> Signed-off-by: Vasily Averin <vvs@...tuozzo.com>
>> ---
>> lib/lz4/lz4_decompress.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>commit 1a191b3f8d26b50a7c1d41590b529ec308d768cd
Author: Yann Collet <cyan@...com>
Date: Wed May 2 10:33:12 2018 -0700
simplify shortcut
diff --git a/lib/lz4.c b/lib/lz4.c
index c6f0426..b46910f 100644
--- a/lib/lz4.c
+++ b/lib/lz4.c
@@ -1429,62 +1429,29 @@ LZ4_FORCE_INLINE int LZ4_decompress_generic(
*/
if ((endOnInput ? length != RUN_MASK : length <= 8) &&
/* strictly "less than" on input, to re-enter the loop with at least one byte */
- likely((endOnInput ? ip < shortiend : 1) && (op <= shortoend)))
+ likely((endOnInput ? ip < shortiend : 1) & (op <= shortoend)))
>
>> diff --git a/lib/lz4/lz4_decompress.c b/lib/lz4/lz4_decompress.c
>> index 0c9d3ad..f7f7dca 100644
>> --- a/lib/lz4/lz4_decompress.c
>> +++ b/lib/lz4/lz4_decompress.c
>> @@ -147,7 +147,7 @@ static FORCE_INLINE int LZ4_decompress_generic(
>> * strictly "less than" on input, to re-enter
>> * the loop with at least one byte
>> */
>> - && likely((endOnInput ? ip < shortiend : 1) &
>> + && likely((endOnInput ? ip < shortiend : 1) &&
>
> I'd like to say, this is not my mistake (even not an issue).
> If you notice the latest LZ4 upstream
> https://github.com/lz4/lz4/blob/dev/lib/lz4.c#L1865
>
> Or some related change, the lz4 author Cyan did it on purpose.
> https://github.com/lz4/lz4/commit/1a191b3f8d26b50a7c1d41590b529ec308d768cd
For me it looks like typo in patch,
lets ask author of this commit.
> I think we could follow the latest LZ4 upstream in order to
> avoid further maintainence overhead. That's my own thought
> anyway.
>
> Thanks,
> Gao Xiang
>
Powered by blists - more mailing lists