| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 4 Jan 2021 13:54:52 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: kbuild@...ts.01.org, Arnd Bergmann <arnd@...db.de>
Cc: lkp@...el.com, kbuild-all@...ts.01.org,
linux-kernel@...r.kernel.org,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:1056
vchiq_get_user_ptr() error: uninitialized symbol 'ptr'.
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 3644e2d2dda78e21edd8f5415b6d7ab03f5f54f3
commit: 4184da4f316a549ae732d91088571fef46a2f58d staging: vchiq: fix __user annotations
config: microblaze-randconfig-m031-20201219 (attached as .config)
compiler: microblaze-linux-gcc (GCC) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>
New smatch warnings:
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:1056 vchiq_get_user_ptr() error: uninitialized symbol 'ptr'.
Old smatch warnings:
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:476 vchiq_blocking_bulk_transfer() warn: returning -1 instead of -ENOMEM is sloppy
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:606 service_callback() warn: argument 3 to %lx specifier is cast from pointer
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:606 service_callback() warn: argument 7 to %lx specifier is cast from pointer
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:606 service_callback() warn: argument 8 to %lx specifier is cast from pointer
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:606 service_callback() warn: argument 9 to %lx specifier is cast from pointer
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:1001 vchiq_irq_queue_bulk_tx_rx() error: uninitialized symbol 'userdata'.
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:1890 vchiq_release() warn: argument 3 to %lx specifier is cast from pointer
vim +/ptr +1056 drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
5d240a54be7e592 Arnd Bergmann 2020-09-18 1044 static inline int vchiq_get_user_ptr(void __user **buf, void __user *ubuf, int index)
5d240a54be7e592 Arnd Bergmann 2020-09-18 1045 {
5d240a54be7e592 Arnd Bergmann 2020-09-18 1046 int ret;
5d240a54be7e592 Arnd Bergmann 2020-09-18 1047
5d240a54be7e592 Arnd Bergmann 2020-09-18 1048 if (in_compat_syscall()) {
4184da4f316a549 Arnd Bergmann 2020-09-25 1049 compat_uptr_t ptr32;
5d240a54be7e592 Arnd Bergmann 2020-09-18 1050 compat_uptr_t __user *uptr = ubuf;
4184da4f316a549 Arnd Bergmann 2020-09-25 1051 ret = get_user(ptr32, uptr + index);
5d240a54be7e592 Arnd Bergmann 2020-09-18 1052 *buf = compat_ptr(ptr32);
5d240a54be7e592 Arnd Bergmann 2020-09-18 1053 } else {
4184da4f316a549 Arnd Bergmann 2020-09-25 1054 uintptr_t ptr, __user *uptr = ubuf;
4184da4f316a549 Arnd Bergmann 2020-09-25 1055 ret = get_user(ptr, uptr + index);
4184da4f316a549 Arnd Bergmann 2020-09-25 @1056 *buf = (void __user *)ptr;
If get_user() fails then this is uninitialized. This will trigger a
runtime error if the UBSan uninitialized behavior tool is enabled.
5d240a54be7e592 Arnd Bergmann 2020-09-18 1057 }
4184da4f316a549 Arnd Bergmann 2020-09-25 1058
5d240a54be7e592 Arnd Bergmann 2020-09-18 1059 return ret;
5d240a54be7e592 Arnd Bergmann 2020-09-18 1060 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
Download attachment ".config.gz" of type "application/gzip" (24447 bytes)
Powered by blists - more mailing lists