lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <a19df26e-7c0c-e48e-8611-6035c8c7f1a4@kernel.org>
Date:   Mon, 24 Apr 2023 11:09:38 +0200
From:   Daniel Bristot de Oliveira <bristot@...nel.org>
To:     Colin Ian King <colin.i.king@...il.com>,
        Steven Rostedt <rostedt@...dmis.org>,
        linux-trace-devel@...r.kernel.org
Cc:     kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] rv: Fix addition on an uninitialized variable 'run'

On 4/17/23 12:39, Colin Ian King wrote:
> The variable run is not initialized


Oops, that is a problem, it should be initialized as 0.

however it is being accumulated
> by the return value from the call to ikm_run_monitor.  Fix this by
> replacing the += with an assignment since this is the first point
> where run is being assigned.
> 
> Fixes: 4bc4b131d44c ("rv: Add rv tool")
> 
> Signed-off-by: Colin Ian King <colin.i.king@...il.com>
> ---
>  tools/verification/rv/src/rv.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/tools/verification/rv/src/rv.c b/tools/verification/rv/src/rv.c
> index e601cd9c411e..da647ad4e733 100644
> --- a/tools/verification/rv/src/rv.c
> +++ b/tools/verification/rv/src/rv.c
> @@ -111,7 +111,7 @@ static void rv_mon(int argc, char **argv)
>  	 * Call all possible monitor implementations, looking
>  	 * for the [monitor].
>  	 */
> -	run += ikm_run_monitor(monitor_name, argc-1, &argv[1]);
> +	run = ikm_run_monitor(monitor_name, argc-1, &argv[1]);

So, in the future, there will be more monitors types, and so we will check
other functions to see if they find the monitor by name. Thus, the += is correct,
what is not correct the run not being initialized.

Mind sending a patch initializing the run = 0?

Thanks!
-- Daniel

  
>  	if (!run)
>  		err_msg("rv: monitor %s does not exist\n", monitor_name);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ