lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 4 Nov 2022 09:19:14 -0600
From:   Shuah Khan <skhan@...uxfoundation.org>
To:     Greg KH <gregkh@...uxfoundation.org>
Cc:     shuah@...nel.org, valentina.manea.m@...il.com,
        linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org,
        Shuah Khan <skhan@...uxfoundation.org>
Subject: Re: [PATCH 2/2] usb/usbip: Fix v_recv_cmd_submit() to use PIPE_BULK
 define

On 11/3/22 07:24, Greg KH wrote:
> On Thu, Nov 03, 2022 at 07:12:43AM -0600, Shuah Khan wrote:
>> Fix v_recv_cmd_submit() to use PIPE_BULK define instead of hard coded
>> values. This also fixes the following signed integer overflow error
>> reported by cppcheck. This is not an issue since pipe is unsigned int.
>> However, this change improves the code to use proper define.
>>
>> drivers/usb/usbip/vudc_rx.c:152:26: error: Signed integer overflow for expression '3<<30'. [integerOverflow]
>>   urb_p->urb->pipe &= ~(3 << 30);
>>
>> In addition, add a sanity check for PIPE_BULK != 3 as the code path depends
>> on PIPE_BULK = 3.
>>
>> Signed-off-by: Shuah Khan <skhan@...uxfoundation.org>
>> ---
>>   drivers/usb/usbip/vudc_rx.c | 5 ++++-
>>   1 file changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/usb/usbip/vudc_rx.c b/drivers/usb/usbip/vudc_rx.c
>> index a6ca27f10b68..e7e0eb6bbca0 100644
>> --- a/drivers/usb/usbip/vudc_rx.c
>> +++ b/drivers/usb/usbip/vudc_rx.c
>> @@ -149,7 +149,10 @@ static int v_recv_cmd_submit(struct vudc *udc,
>>   	urb_p->urb->status = -EINPROGRESS;
>>   
>>   	/* FIXME: more pipe setup to please usbip_common */
>> -	urb_p->urb->pipe &= ~(3 << 30);
>> +#if PIPE_BULK != 3
>> +#error "Sanity check failed, this code presumes PIPE_... to range from 0 to 3"
>> +#endif
> 
> Perhaps use BUILD_BUG_ON() instead of hand-rolling one?
> 

Makes sense. I will send v2.

thanks,
-- Shuah

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ