lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 3 Mar 2021 10:24:25 +0200
From:   Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To:     Greg KH <gregkh@...uxfoundation.org>
Cc:     "Wang, Li" <li.wang@...driver.com>, jirislaby@...nel.org,
        dmitry.torokhov@...il.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] vt: keyboard, fix uninitialized variables warning

On Wed, Mar 03, 2021 at 08:39:09AM +0100, Greg KH wrote:
> On Wed, Mar 03, 2021 at 03:33:23PM +0800, Wang, Li wrote:
> > On 3/3/2021 3:14 PM, Greg KH wrote:
> > > On Wed, Mar 03, 2021 at 12:59:32PM +0800, Li Wang wrote:
> > > > drivers/tty/vt/keyboard.c: In function 'vt_do_kdgkb_ioctl':
> > > > drivers/tty/vt/keyboard.c: warning: 'ret' may be used uninitialized in this function [-Wmaybe-uninitialized]
> > > >    return ret;
> > > >           ^~~
> > > > kernel-source/drivers/tty/vt/keyboard.c: warning: 'kbs' may be used uninitialized in this function [-Wmaybe-uninitialized]
> > > >    kfree(kbs);
> > > >    ^~~~~~~~~~
> > > > 
> > > > Signed-off-by: Li Wang <li.wang@...driver.com>
> > > > ---
> > > >   drivers/tty/vt/keyboard.c | 4 ++--
> > > >   1 file changed, 2 insertions(+), 2 deletions(-)
> > > > 
> > > > diff --git a/drivers/tty/vt/keyboard.c b/drivers/tty/vt/keyboard.c
> > > > index 7763862..3e73d55 100644
> > > > --- a/drivers/tty/vt/keyboard.c
> > > > +++ b/drivers/tty/vt/keyboard.c
> > > > @@ -2049,8 +2049,8 @@ int vt_do_kdgkb_ioctl(int cmd, struct kbsentry __user *user_kdgkb, int perm)
> > > >   {
> > > >   	unsigned char kb_func;
> > > >   	unsigned long flags;
> > > > -	char *kbs;
> > > > -	int ret;
> > > > +	char *kbs = NULL;
> > > > +	int ret = -EINVAL;
> > > >   	if (get_user(kb_func, &user_kdgkb->kb_func))
> > > >   		return -EFAULT;
> > > What compiler is providing these "warnings"?
> > > 
> > > Turns out it is impossible to hit, so this isn't actually fixing
> > > anything...
> > 
> > I tested it with gcc 8.2 for arm
> > 
> > for runtime codes view, indeed it is impossible to hit.
> > 
> > but for compiler view, gcc should give 'used uninitialized' warning, too.
> 
> Odd that no other compiler version does this right now, perhaps upgrade
> to a newer version of gcc?  8.2 is really old :(

But it's still supported. I think I can see why. We have a switch case without
default, and probably that's how it makes that happen. So, the proper fix is to
add default section AFAICT.

-- 
With Best Regards,
Andy Shevchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ