| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Nov 2022 22:24:19 +0900
From: Greg KH <gregkh@...uxfoundation.org>
To: Shuah Khan <skhan@...uxfoundation.org>
Cc: shuah@...nel.org, valentina.manea.m@...il.com,
linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] usb/usbip: Fix v_recv_cmd_submit() to use PIPE_BULK
define
On Thu, Nov 03, 2022 at 07:12:43AM -0600, Shuah Khan wrote:
> Fix v_recv_cmd_submit() to use PIPE_BULK define instead of hard coded
> values. This also fixes the following signed integer overflow error
> reported by cppcheck. This is not an issue since pipe is unsigned int.
> However, this change improves the code to use proper define.
>
> drivers/usb/usbip/vudc_rx.c:152:26: error: Signed integer overflow for expression '3<<30'. [integerOverflow]
> urb_p->urb->pipe &= ~(3 << 30);
>
> In addition, add a sanity check for PIPE_BULK != 3 as the code path depends
> on PIPE_BULK = 3.
>
> Signed-off-by: Shuah Khan <skhan@...uxfoundation.org>
> ---
> drivers/usb/usbip/vudc_rx.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/usb/usbip/vudc_rx.c b/drivers/usb/usbip/vudc_rx.c
> index a6ca27f10b68..e7e0eb6bbca0 100644
> --- a/drivers/usb/usbip/vudc_rx.c
> +++ b/drivers/usb/usbip/vudc_rx.c
> @@ -149,7 +149,10 @@ static int v_recv_cmd_submit(struct vudc *udc,
> urb_p->urb->status = -EINPROGRESS;
>
> /* FIXME: more pipe setup to please usbip_common */
> - urb_p->urb->pipe &= ~(3 << 30);
> +#if PIPE_BULK != 3
> +#error "Sanity check failed, this code presumes PIPE_... to range from 0 to 3"
> +#endif
Perhaps use BUILD_BUG_ON() instead of hand-rolling one?
thanks,
greg k-h
Powered by blists - more mailing lists