lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <bc73207a-4b52-423d-833a-fb2a4221a5bc@gmail.com>
Date: Fri, 28 Jun 2024 20:07:05 +0200
From: Mirsad Todorovac <mtodorovac69@...il.com>
To: linux-kernel@...r.kernel.org
Cc: Jiri Kosina <jikos@...nel.org>, Benjamin Tissoires <bentiss@...nel.org>,
 linux-input@...r.kernel.org,
 Linux Kernel Build System <linux-kbuild@...r.kernel.org>
Subject: [PROBLEM linux-next] drivers/hid/hidraw.c: error: cast from pointer
 to integer of different size [-Werror=pointer-to-int-cast]

Hi all,

While testing randconfig with vanilla next-20240627, the following KCONFIG_SEED=0x14021E00
gave this particular build error:

drivers/hid/hidraw.c: In function ‘hidraw_send_report’:
drivers/hid/hidraw.c:143:63: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast]
  143 |                 ret = __hid_hw_output_report(dev, buf, count, (__u64)file, false);
      |                                                               ^
drivers/hid/hidraw.c:154:56: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast]
  154 |                                    HID_REQ_SET_REPORT, (__u64)file, false);
      |                                                        ^
drivers/hid/hidraw.c: In function ‘hidraw_get_report’:
drivers/hid/hidraw.c:231:56: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast]
  231 |                                    HID_REQ_GET_REPORT, (__u64)file, false);
      |                                                        ^

Apparently, on this architecture, sizeof(struct file *) != sizeof(__u64)?

→ 105 static ssize_t hidraw_send_report(struct file *file, const char __user *buffer, size_t count, unsigned char report_type)
  106 {
  107         unsigned int minor = iminor(file_inode(file));
  108         struct hid_device *dev;
  109         __u8 *buf;
  110         int ret = 0;
  111 
  112         lockdep_assert_held(&minors_rwsem);
  113 
  114         if (!hidraw_table[minor] || !hidraw_table[minor]->exist) {
  115                 ret = -ENODEV;
  116                 goto out;
  117         }
  118 
  119         dev = hidraw_table[minor]->hid;
  120 
  121         if (count > HID_MAX_BUFFER_SIZE) {
  122                 hid_warn(dev, "pid %d passed too large report\n",
  123                          task_pid_nr(current));
  124                 ret = -EINVAL;
  125                 goto out;
  126         }
  127 
  128         if (count < 2) {
  129                 hid_warn(dev, "pid %d passed too short report\n",
  130                          task_pid_nr(current));
  131                 ret = -EINVAL;
  132                 goto out;
  133         }
  134 
  135         buf = memdup_user(buffer, count);
  136         if (IS_ERR(buf)) {
  137                 ret = PTR_ERR(buf);
  138                 goto out;
  139         }
  140 
  141         if ((report_type == HID_OUTPUT_REPORT) &&
  142             !(dev->quirks & HID_QUIRK_NO_OUTPUT_REPORTS_ON_INTR_EP)) {
  143                 ret = __hid_hw_output_report(dev, buf, count, (__u64)file, false);
  144                 /*
  145                  * compatibility with old implementation of USB-HID and I2C-HID:
  146                  * if the device does not support receiving output reports,
  147                  * on an interrupt endpoint, fallback to SET_REPORT HID command.
  148                  */
  149                 if (ret != -ENOSYS)
  150                         goto out_free;
  151         }
  152         
  153         ret = __hid_hw_raw_request(dev, buf[0], buf, count, report_type,
→ 154                                    HID_REQ_SET_REPORT, (__u64)file, false);
  155 
  156 out_free:
  157         kfree(buf);
  158 out:    
  159         return ret;
  160 }

Thank you very much for examining this bug report.

Best regards,
Mirsad Todorovac

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ