Message-ID: <f0265d75-d0e9-9f03-c730-dcc32fcccc69@gmail.com>
Date:   Thu, 8 Jun 2023 08:47:27 +0100
From:   "Colin King (gmail)" <colin.i.king@...il.com>
To:     Qing Zhang <zhangqing@...ngson.cn>, loongarch@...ts.linux.dev
Cc:     Huacai Chen <chenhuacai@...nel.org>,
        WANG Xuerui <kernel@...0n.name>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: re: LoongArch: Add hardware breakpoints/watchpoints support

Hi,

Static analysis with cppcheck has found an issue in 
arch/loongarch/kernel/hw_breakpoint.c function hw_breakpoint_arch_parse 
with the following commit:

commit edffa33c7bb5a73e90c754c7a497162b77d7c55f
Author: Qing Zhang <zhangqing@...ngson.cn>
Date:   Sat Feb 25 15:52:57 2023 +0800

     LoongArch: Add hardware breakpoints/watchpoints support


/*
  * Validate the arch-specific HW Breakpoint register settings.
  */
int hw_breakpoint_arch_parse(struct perf_event *bp,
                              const struct perf_event_attr *attr,
                              struct arch_hw_breakpoint *hw)
{
         int ret;
         u64 alignment_mask, offset;

^^ alignment mask is not initialized

         /* Build the arch_hw_breakpoint. */
         ret = arch_build_bp_info(bp, attr, hw);
         if (ret)
                 return ret;

         if (hw->ctrl.type != LOONGARCH_BREAKPOINT_EXECUTE)
                 alignment_mask = 0x7;
^^ only on this if path is alignment_mask being assigned

         offset = hw->address & alignment_mask;
         hw->address &= ~alignment_mask;

^^ offset and hw->address being modified by potentially uninitialized 
alignment_mask

         hw->ctrl.len <<= offset;

         return 0;
}


Regards,

Colin
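
Added example, not part of the message above or of the kernel source: a userspace model of the reported pattern, showing how the resulting address and length depend on whatever value the uninitialized mask happens to hold on the execute path. The struct, the enum values, the `stale` parameter and the choice of 0 as the execute-path mask are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed userspace model of the quoted function; the types and the two
 * enum values are stand-ins, not the kernel's definitions. */
enum bp_type { BP_EXECUTE, BP_DATA };
struct bp_model { uint64_t address; uint32_t len; enum bp_type type; };

/* Logic as reported. `stale` stands for whatever the stack slot happened to
 * hold; in the kernel function that value is indeterminate for EXECUTE. */
static struct bp_model parse_as_reported(struct bp_model hw, uint64_t stale)
{
    uint64_t alignment_mask = stale, offset;

    if (hw.type != BP_EXECUTE)
        alignment_mask = 0x7;
    offset = hw.address & alignment_mask;
    hw.address &= ~alignment_mask;
    hw.len <<= (offset & 31);   /* masked only to keep this model's shift defined */
    return hw;
}

/* Same logic with the mask defined on every path. Using 0 (leave the
 * address untouched) for EXECUTE is an assumption of this example. */
static struct bp_model parse_initialized(struct bp_model hw)
{
    uint64_t alignment_mask = 0, offset;

    if (hw.type != BP_EXECUTE)
        alignment_mask = 0x7;
    offset = hw.address & alignment_mask;
    hw.address &= ~alignment_mask;
    hw.len <<= offset;          /* offset is 0..7 here */
    return hw;
}

int main(void)
{
    const struct bp_model exec_bp = { 0x120001234ULL, 1, BP_EXECUTE };
    const uint64_t stale[] = { 0x0, 0xfff, UINT64_MAX };  /* constructed values */

    for (unsigned i = 0; i < 3; i++) {
        struct bp_model r = parse_as_reported(exec_bp, stale[i]);
        printf("stale=%#llx -> address=%#llx len=%#x\n", (unsigned long long)stale[i],
               (unsigned long long)r.address, (unsigned)r.len);
    }
    struct bp_model ok = parse_initialized(exec_bp);
    printf("initialized -> address=%#llx len=%#x\n", (unsigned long long)ok.address, (unsigned)ok.len);
    return 0;
}
```

Building the real function with `-Wmaybe-uninitialized` (GCC) or `-Wsometimes-uninitialized` (Clang) is another way to surface this class of defect alongside cppcheck.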


