lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <018e525e-809c-4c69-a948-a1278af1ff2d@linuxfoundation.org>
Date: Wed, 9 Oct 2024 14:38:03 -0600
From: Shuah Khan <skhan@...uxfoundation.org>
To: "Everest K.C." <everestkc@...restkc.com.np>, viro@...iv.linux.org.uk,
 brauner@...nel.org, jack@...e.cz
Cc: linux-fsdevel@...r.kernel.org, kernel-janitors@...r.kernel.org,
 linux-kernel@...r.kernel.org, Shuah Khan <skhan@...uxfoundation.org>
Subject: Re: [PATCH][next] fs: Fix uninitialized scalar variable now

On 10/9/24 14:05, Everest K.C. wrote:
> Variable `now` is declared without initialization. The variable
> could be accessed inside the if-else statements following the
> variable declaration, before it has been initialized.

It could be, but it isn't. I am not sure if this change is needed.
> 
> This patch initializes the variable to
> `inode_set_ctime_current(inode)` by default.

Instead of "This patch initializes", change it to "Initialize ..."
Do refer to submitting patches document for information on how
to write change logs.

> 
> This issue was reported by Coverity Scan.

Include the the error/report from Coverity.

> 
> Signed-off-by: Everest K.C. <everestkc@...restkc.com.np>
> ---
>   fs/attr.c | 4 +---
>   1 file changed, 1 insertion(+), 3 deletions(-)
> 
> diff --git a/fs/attr.c b/fs/attr.c
> index c614b954bda5..77523af2e62d 100644
> --- a/fs/attr.c
> +++ b/fs/attr.c
> @@ -284,7 +284,7 @@ EXPORT_SYMBOL(inode_newsize_ok);
>   static void setattr_copy_mgtime(struct inode *inode, const struct iattr *attr)
>   {
>   	unsigned int ia_valid = attr->ia_valid;
> -	struct timespec64 now;
> +	struct timespec64 now = inode_set_ctime_current(inode);
>   
>   	if (ia_valid & ATTR_CTIME) {
>   		/*
> @@ -293,8 +293,6 @@ static void setattr_copy_mgtime(struct inode *inode, const struct iattr *attr)
>   		 */
>   		if (ia_valid & ATTR_DELEG)
>   			now = inode_set_ctime_deleg(inode, attr->ia_ctime);
> -		else
> -			now = inode_set_ctime_current(inode);

The code is clear and easy to read the way it is since it handles both cases
and does appropriate initialization.


>   	} else {
>   		/* If ATTR_CTIME isn't set, then ATTR_MTIME shouldn't be either. */
>   		WARN_ON_ONCE(ia_valid & ATTR_MTIME);

I will leave it up to the maintainers to decide whether to take
this change or not.

thanks,
-- Shuah

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ