| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Jun 2022 08:59:52 -0700 From: Dmitry Torokhov <dmitry.torokhov@...il.com> To: Johan Hovold <johan@...nel.org> Cc: linux-input@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2] Input: usbtouchscreen - add driver_info sanity check On Thu, Jun 23, 2022 at 08:24:46AM +0200, Johan Hovold wrote: > Add a sanity check on the device id-table driver_info field to make sure > we never access a type structure (and function pointers) outside of the > device info array (e.g. if someone fails to ifdef a device-id entry). > > Note that this also suppresses a compiler warning with -Warray-bounds > (gcc-11.3.0) when compile-testing the driver without enabling any of > the device type Kconfig options: > > drivers/input/touchscreen/usbtouchscreen.c: In function 'usbtouch_probe': > drivers/input/touchscreen/usbtouchscreen.c:1668:16:warning: array subscript <unknown> is outside array bounds of 'struct usbtouch_device_info[0]' [-Warray-bounds] > 1668 | type = &usbtouch_dev_info[id->driver_info]; > > Signed-off-by: Johan Hovold <johan@...nel.org> > --- > > Changes in v2 > - use ARRAY_SIZE() for the sanity check (Dmitry) > - drop the dummy entry and combine the two patches as the sanity check > itself is enough to suppress the compiler warning (Dmitry) > - use -ENODEV instead of -EINVAL even if this means no error will be > logged in the unlikely event of a future driver bug Is this on purpose or because I happened to have used this error code when I suggested the change? I'm fine with returning -EINVAL there. Thanks. -- Dmitry
Powered by blists - more mailing lists