| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Feb 2024 16:15:12 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Colin Ian King <colin.i.king@...il.com>
Cc: "Rafael J . Wysocki" <rafael@...nel.org>,
Zhang Rui <rui.zhang@...el.com>, Len Brown <lenb@...nel.org>,
linux-acpi@...r.kernel.org, kernel-janitors@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH][next] ACPI: thermal_lib: Add missing checks for errors
in return code ret
On Wed, Feb 21, 2024 at 12:39:36PM +0000, Colin Ian King wrote:
> Static analysis with clang scan build detected various return codes
> being assigned and not checked. The calls to the trip point functions
> probably should be error return checked as these can fail because
> of unlikely issues such as invalid ACPI object names or ACPI value
> evaluation failures.
>
> Cleans up clang scan warnings, such as:
> drivers/acpi/thermal_lib.c:106:9: warning: 2nd function call argument
> is an uninitialized value [core.CallAndMessage]
> return thermal_temp(ret, temp_decik, ret_temp);
>
>
> Fixes: 6908097aa5a7 ("ACPI: thermal_lib: Add functions returning temperature in deci-Kelvin")
> Signed-off-by: Colin Ian King <colin.i.king@...il.com>
> ---
>
> Note: Not tested.
>
> ---
> drivers/acpi/thermal_lib.c | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> diff --git a/drivers/acpi/thermal_lib.c b/drivers/acpi/thermal_lib.c
> index 4e0519ca9739..4d27048ef075 100644
> --- a/drivers/acpi/thermal_lib.c
> +++ b/drivers/acpi/thermal_lib.c
> @@ -103,6 +103,9 @@ int thermal_acpi_active_trip_temp(struct acpi_device *adev, int id, int *ret_tem
> int temp_decik;
> int ret = acpi_active_trip_temp(adev, id, &temp_decik);
>
> + if (ret)
> + return ret;
> +
> return thermal_temp(ret, temp_decik, ret_temp);
^^^
The "ret" variable is checked at the start of the thermal_temp()
function which means the code works the same before and after your
patch.
However, the static checker is correct that we are passing uninitialized
data to this function, it's just never used if "ret" is non-zero.
In this case, the rule is that if the function is parsed inline then
it's not a bug, but if it's not inline then it is a bug. Technically,
passing uninitialized data to a function is undefined behavior in C but
Linus said that didn't really match with real life and that everyone
should recognize that inlines are different and update the tools
accordingly. (Something like that, I don't have the email in front of
me).
The other thing to consider is that tools like MEMSan (?) will see
non-inline function calls and we're reading from uninitialized memory
and trigger a warning for that.
In this code, I suspect that thermal_temp() will be inlined so it's
probably a false positive in Clang.
regards,
dan carpenter
Powered by blists - more mailing lists