| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b86a9ef9-ea50-45e1-85b6-20b6f5358862@moroto.mountain> Date: Fri, 31 May 2024 11:53:29 +0300 From: Dan Carpenter <dan.carpenter@...aro.org> To: Harshit Mogalapalli <harshit.m.mogalapalli@...cle.com> Cc: Edward Adam Davis <eadavis@...com>, syzbot+07762f019fd03d01f04c@...kaller.appspotmail.com, linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com, Dan Carpenter <error27@...il.com> Subject: Re: [syzbot] [input?] [usb?] KMSAN: uninit-value in asus_report_fixup On Thu, May 30, 2024 at 08:16:59PM +0530, Harshit Mogalapalli wrote: > > diff --git a/drivers/hid/usbhid/hid-core.c b/drivers/hid/usbhid/hid-core.c > > index a90ed2ceae84..9f0e09f667b1 100644 > > --- a/drivers/hid/usbhid/hid-core.c > > +++ b/drivers/hid/usbhid/hid-core.c > > @@ -1029,7 +1029,7 @@ static int usbhid_parse(struct hid_device *hid) > > return -EINVAL; > > } > > - rdesc = kmalloc(rsize, GFP_KERNEL); > > + rdesc = kzalloc(rsize, GFP_KERNEL); This kzalloc() is unnecessary because hid_get_class_descriptor() has a memset() built in: memset(buf, 0, size); I'm not a huge fan of how if hid_get_class_descriptor() runs out of retries, we return the number of bytes in a partial read. Then the caller pretends it was a success instead of using the result. But that's a different issue. regards, dan carpenter
Powered by blists - more mailing lists