| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <173339519116.766262.7666020579808375858.b4-ty@bootlin.com> Date: Thu, 5 Dec 2024 11:43:29 +0100 From: Miquel Raynal <miquel.raynal@...tlin.com> To: Kyungmin Park <kyungmin.park@...sung.com>, Ivan Stepchenko <sid@....spb.ru> Cc: Miquel Raynal <miquel.raynal@...tlin.com>, Richard Weinberger <richard@....at>, Vignesh Raghavendra <vigneshr@...com>, Artem Bityutskiy <Artem.Bityutskiy@...ia.com>, David Woodhouse <dwmw2@...radead.org>, linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org, lvc-project@...uxtesting.org, stable@...r.kernel.org Subject: Re: [PATCH] mtd: onenand: Fix uninitialized retlen in do_otp_read() On Thu, 14 Nov 2024 16:29:51 +0300, Ivan Stepchenko wrote: > The function do_otp_read() does not set the output parameter *retlen, > which is expected to contain the number of bytes actually read. > As a result, in onenand_otp_walk(), the tmp_retlen variable remains > uninitialized after calling do_otp_walk() and used to change > the values of the buf, len and retlen variables. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > [...] Applied to nand/next, thanks! [1/1] mtd: onenand: Fix uninitialized retlen in do_otp_read() Patche(s) will be available within hours on: mtd/linux.git Kind regards, Miquèl
Powered by blists - more mailing lists