lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20220630044706.10772-1-mailmesebin00@gmail.com>
Date:   Thu, 30 Jun 2022 10:17:06 +0530
From:   Sebin Sebastian <mailmesebin00@...il.com>
To:     unlisted-recipients:; (no To-header on input)
Cc:     mailmesebin00@...il.com, skhan@...uxfoundation.org,
        kernel test robot <lkp@...el.com>,
        Neal Liu <neal_liu@...eedtech.com>,
        Felipe Balbi <balbi@...nel.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Joel Stanley <joel@....id.au>,
        Andrew Jeffery <andrew@...id.au>,
        linux-aspeed@...ts.ozlabs.org, linux-usb@...r.kernel.org,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: [PATCH v2 -next] usb: gadget: dereference before null check

Fix coverity warning dereferencing before null check. _ep and desc is
dereferenced on all paths until the check for null. Move the
initializations after the check for null.
Coverity issue: 1518209

Reported-by: kernel test robot <lkp@...el.com>
Signed-off-by: Sebin Sebastian <mailmesebin00@...il.com>
---
 Changes since v1: Fix the build errors and warnings due to first patch.
 Fix the undeclared 'ep' and 'maxpacket' error. Fix the ISO C90 warning.

 drivers/usb/gadget/udc/aspeed_udc.c | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/drivers/usb/gadget/udc/aspeed_udc.c b/drivers/usb/gadget/udc/aspeed_udc.c
index d75a4e070bf7..a43cf8dde2a8 100644
--- a/drivers/usb/gadget/udc/aspeed_udc.c
+++ b/drivers/usb/gadget/udc/aspeed_udc.c
@@ -341,26 +341,33 @@ static void ast_udc_stop_activity(struct ast_udc_dev *udc)
 static int ast_udc_ep_enable(struct usb_ep *_ep,
 			     const struct usb_endpoint_descriptor *desc)
 {
-	u16 maxpacket = usb_endpoint_maxp(desc);
-	struct ast_udc_ep *ep = to_ast_ep(_ep);
-	struct ast_udc_dev *udc = ep->udc;
-	u8 epnum = usb_endpoint_num(desc);
 	unsigned long flags;
 	u32 ep_conf = 0;
 	u8 dir_in;
 	u8 type;
+	u16 maxpacket;
+	struct ast_udc_ep *ep;
+	struct ast_udc_dev *udc;
+	u8 epnum;
 
-	if (!_ep || !ep || !desc || desc->bDescriptorType != USB_DT_ENDPOINT ||
-	    maxpacket == 0 || maxpacket > ep->ep.maxpacket) {
+	if (!_ep || !desc || desc->bDescriptorType != USB_DT_ENDPOINT) {
 		EP_DBG(ep, "Failed, invalid EP enable param\n");
 		return -EINVAL;
 	}
-
 	if (!udc->driver) {
 		EP_DBG(ep, "bogus device state\n");
 		return -ESHUTDOWN;
 	}
 
+	maxpacket = usb_endpoint_maxp(desc);
+	ep = to_ast_ep(_ep);
+	udc = ep->udc;
+	epnum = usb_endpoint_num(desc);
+	if (maxpacket == 0 || maxpacket > ep->ep.maxpacket) {
+		EP_DBG(ep, "Failed, invalid EP enable param\n");
+		return -EINVAL;
+	}
+
 	EP_DBG(ep, "maxpacket:0x%x\n", maxpacket);
 
 	spin_lock_irqsave(&udc->lock, flags);
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ