lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20201205143250.2378b9f9@kicinski-fedora-pc1c0hjn.DHCP.thefacebook.com>
Date:   Sat, 5 Dec 2020 14:32:50 -0800
From:   Jakub Kicinski <kuba@...nel.org>
To:     linux-sparse@...r.kernel.org
Cc:     linux-kernel@...r.kernel.org, edwin.peer@...adcom.com,
        Zhang Changzhong <zhangchangzhong@...wei.com>
Subject: sparse annotation for error types?

Hi!

Recently we've been getting a steady stream of patches from Changzhong
to fix missing assignment to error variables before jumping to error
cases.

I wonder if for new code it'd make sense to add an annotation for a type
which has to be returned non-zero?

What I have in mind is the following common flow:

int do_a_thing(struct my_obj *obj, int param)
{
	int err;

	err = first_step(obj, 1);
	if (err)
		return err;

	if (some_check(obj)) {
		err = -EINVAL; /* need explicit error set! */
		goto err_undo_1s;
	}

	err = second_step(obj, param);
	if (err)
		goto err_undo_1s;

	err = third_step(obj, 0);
	if (err)
		goto err_undo_2s;

	return 0;

err_undo_2s:
	second_undo(obj);
err_undo_1s:
	first_undo(obj);
	return err;
}


The variable err should never be returned when it's equal to 0.
So if we annotate it, let's say as:

	int __nzret err;

could sparse then warn if we forgot to assign it after
"if (some_check(obj))"? 

Am I the only one who thinks this would be a good idea?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ