lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAMpxmJV97uexBKK3zHuOWfBQ77uorgxadUcrieBP2fLPs0dPeA@mail.gmail.com>
Date:   Thu, 3 Dec 2020 09:01:37 +0100
From:   Bartosz Golaszewski <bgolaszewski@...libre.com>
To:     Biwen Li <biwen.li@....nxp.com>
Cc:     Li Yang <leoyang.li@....com>, aisheng.dong@....com,
        LKML <linux-kernel@...r.kernel.org>, jiafei.pan@....com,
        linux-gpio <linux-gpio@...r.kernel.org>,
        Biwen Li <biwen.li@....com>
Subject: Re: [PATCH] gpio: mpc8xxx: resolve coverity warnings

On Thu, Dec 3, 2020 at 8:31 AM Biwen Li <biwen.li@....nxp.com> wrote:
>
> From: Biwen Li <biwen.li@....com>
>
> Resolve coverity warnings as follows,
>     cond_at_most: Checking gpio >= 28U implies that gpio may be up
>     to 27 on the false branch.
>     overrun-call: Overrunning callees array of size 3 by passing
>     argument gpio (which evaluates to 27)
>     in call to *mpc8xxx_gc->direction_output
>
>     cond_at_least: Checking gpio <= 3U implies that gpio is at least 4 on
>     the false branch.
>     overrun-call: Overrunning callee's array of size 3 by passing argument
>     gpio (which evaluates to 4) in call to *mpc8xxx_gc->direction_output
>
> Signed-off-by: Biwen Li <biwen.li@....com>
> ---
>  drivers/gpio/gpio-mpc8xxx.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/gpio/gpio-mpc8xxx.c b/drivers/gpio/gpio-mpc8xxx.c
> index a6c2bbdcaa10..12c9a91d87b7 100644
> --- a/drivers/gpio/gpio-mpc8xxx.c
> +++ b/drivers/gpio/gpio-mpc8xxx.c
> @@ -3,6 +3,7 @@
>   *
>   * Copyright (C) 2008 Peter Korsgaard <jacmet@...site.dk>
>   * Copyright (C) 2016 Freescale Semiconductor Inc.
> + * Copyright 2020 NXP

A copyright notice on a two-line change is a bit too much, don't you think?

>   *
>   * This file is licensed under the terms of the GNU General Public License
>   * version 2.  This program is licensed "as is" without any warranty of any
> @@ -80,7 +81,7 @@ static int mpc5121_gpio_dir_out(struct gpio_chip *gc,
>  {
>         struct mpc8xxx_gpio_chip *mpc8xxx_gc = gpiochip_get_data(gc);
>         /* GPIO 28..31 are input only on MPC5121 */
> -       if (gpio >= 28)
> +       if (gpio >= 28U)
>                 return -EINVAL;

I don't really understand the commit message but looking at the code
is even more confusing. What are you fixing here actually?

Bartosz

>
>         return mpc8xxx_gc->direction_output(gc, gpio, val);
> @@ -91,7 +92,7 @@ static int mpc5125_gpio_dir_out(struct gpio_chip *gc,
>  {
>         struct mpc8xxx_gpio_chip *mpc8xxx_gc = gpiochip_get_data(gc);
>         /* GPIO 0..3 are input only on MPC5125 */
> -       if (gpio <= 3)
> +       if (gpio <= 3U)
>                 return -EINVAL;
>
>         return mpc8xxx_gc->direction_output(gc, gpio, val);
> --
> 2.17.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ