lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAE4BR8L-SODeOa3OAV9Z5h5jMfLpRnKwDnSMx7y6nXH-M2NkUQ@mail.gmail.com>
Date:   Wed, 18 Oct 2023 10:59:13 -0700
From:   Haonan Li <lihaonan1105@...il.com>
To:     Sergey Shtylyov <s.shtylyov@....ru>
Cc:     Damien Le Moal <dlemoal@...nel.org>, linux-ide@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] pata_lagacy: Handle failed ATA timing computation in opti82c46x_set_piomode

Hello Sergey,

Thank you for pointing that out. My main concern was the potential
for ata_timing_find_mode() to return NULL, causing ata_timing_compute()
to return -EINVAL. While this might be rare, I thought it would be
safer to handle such cases.

However, if the common practice in drivers/ata/ is to ignore the result
of ata_timing_compute(), let's drop the patch as needed.

Thank you for your time and feedback.

Best,
Haonan

On Wed, Oct 18, 2023 at 10:15 AM Sergey Shtylyov <s.shtylyov@....ru> wrote:
>
> Hello!
>
> On 10/18/23 3:52 AM, Haonan Li wrote:
>
> > The function opti82c46x_set_piomode utilizes the ata_timing_compute()
> > to determine the appropriate ATA timings for a given device. However,
> > in certain conditions where the ata_timing_find_mode() function does
> > not find a valid mode, ata_timing_compute() returns an error (-EINVAL),
> > leaving the tp struct uninitialized.
>
>    Looks like it's very common to ignore the result of ata_timing_compute()
> in drivers/ata/...
>    Mind sharing the "certain conditions"? :-) I don't think the set_piomode()
> method can be called by libata itself with an unsupported xfer mode...
>
> > This patch checks the return value of ata_timing_compute() and print
> > err message. This avoids any potential use of uninitialized `tp`
> > struct in the opti82c46x_set_piomode function.
> >
> > Signed-off-by: Haonan Li <lihaonan1105@...il.com>
> [...]
>
> Reviewed-by: Sergey Shtylyov <s.shtylyov@....ru>
>
> MBR, Sergey

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ