| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e2080eb9-bbe2-5077-761d-b5594edb6006@gmail.com>
Date: Wed, 28 Jul 2021 18:24:12 +0800
From: Li Tuo <islituo@...il.com>
To: sre@...nel.org
Cc: linux-pm@...r.kernel.org, linux-kernel@...r.kernel.org,
baijiaju1990@...il.com
Subject: [BUG] power: supply: 88pm860x_battery: possible
uninitialized-variable access in measure_vbatt()
Hello,
Our static analysis tool finds a possible uninitialized-variable access
in the 88pm860x_battery driver in Linux 5.14.0-rc3:
In calc_soc():
369: int ocv;
376: switch (state) {
380: case OCV_MODE_SLEEP:
381: ret = measure_vbatt(info, OCV_MODE_SLEEP, &ocv);
In measure_vbatt(struct pm860x_battery_info *info, int state, int *data)
176: switch (state) {
184: case OCV_MODE_SLEEP:
201: *data = ((*data & 0xff) * 27 * 25) >> 9;
If the variable state is OCV_MODE_SLEEP, the function measure_vbatt() is
called with the argument &ocv,
and the corresponding parameter is data. Thus *data is uninitialized but
it is used at line 201.
I am not quite sure whether this possible uninitialized-variable access
is real and how to fix it if it is real.
Any feedback would be appreciated, thanks!
Reported-by: TOTE Robot <oslab@...nghua.edu.cn>
Best wishes,
Tuo Li
Powered by blists - more mailing lists