lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAJ-ks9k_Tu8p9io9iyn4L5Brow+DdVDYdMqcDovfyjvOvKPX2g@mail.gmail.com>
Date: Mon, 9 Dec 2024 17:28:17 -0500
From: Tamir Duberstein <tamird@...il.com>
To: Andy Whitcroft <apw@...onical.com>, Joe Perches <joe@...ches.com>, 
	Dwaipayan Ray <dwaipayanray1@...il.com>, Lukas Bulwahn <lukas.bulwahn@...il.com>, 
	Andrew Morton <akpm@...ux-foundation.org>
Cc: linux-kernel@...r.kernel.org
Subject: Re: [PATCH] checkpatch: check return of `git_commit_info`

On Wed, Dec 4, 2024 at 1:41 PM Tamir Duberstein <tamird@...il.com> wrote:
>
> Avoid string concatenation with an undefined variable when a reference
> to a missing commit is contained in a `Fixes` tag.
>
> Given this patch:
>
> : From: Tamir Duberstein <tamird@...il.com>
> : Subject: Test patch
> : Date: Fri, 25 Oct 2024 19:30:51 -0400
> :
> : This is a test patch.
> :
> : Fixes: deadbeef111
> : Signed-off-by: Tamir Duberstein <tamird@...il.com>
> : --- /dev/null
> : +++ b/new-file
> : @@ -0,0 +1 @@
> : +Test.
>
> Before:
>
> WARNING: Please use correct Fixes: style 'Fixes: <12 chars of sha1> ("<title line>")' - ie: 'Fixes:  ("commit title")'
> WARNING: Unknown commit id 'deadbeef111', maybe rebased or not pulled?
> Use of uninitialized value $cid in concatenation (.) or string at scripts/checkpatch.pl line 3242.
>
> After:
>
> WARNING: Unknown commit id 'deadbeef111', maybe rebased or not pulled?
>
> This patch also reduce duplication slightly.
>
> Signed-off-by: Tamir Duberstein <tamird@...il.com>
> ---
>  scripts/checkpatch.pl | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> index 9eed3683ad76caffbbb2418e5dbea7551d374406..14639f83be91643245bba3aea6a980d50c04b1cc 100755
> --- a/scripts/checkpatch.pl
> +++ b/scripts/checkpatch.pl
> @@ -3237,12 +3237,12 @@ sub process {
>                         my ($cid, $ctitle) = git_commit_info($orig_commit, $id,
>                                                              $title);
>
> -                       if ($ctitle ne $title || $tag_case || $tag_space ||
> -                           $id_length || $id_case || !$title_has_quotes) {
> +                       if (defined($cid) && ($ctitle ne $title || $tag_case || $tag_space || $id_length || $id_case || !$title_has_quotes)) {
> +                               my $fixed = "Fixes: $cid (\"$ctitle\")";
>                                 if (WARN("BAD_FIXES_TAG",
> -                                    "Please use correct Fixes: style 'Fixes: <12 chars of sha1> (\"<title line>\")' - ie: 'Fixes: $cid (\"$ctitle\")'\n" . $herecurr) &&
> +                                    "Please use correct Fixes: style 'Fixes: <12 chars of sha1> (\"<title line>\")' - ie: '$fixed'\n" . $herecurr) &&
>                                     $fix) {
> -                                       $fixed[$fixlinenr] = "Fixes: $cid (\"$ctitle\")";
> +                                       $fixed[$fixlinenr] = $fixed;
>                                 }
>                         }
>                 }
>
> ---
> base-commit: 40384c840ea1944d7c5a392e8975ed088ecf0b37
> change-id: 20241204-checkpatch-missing-commit-28b591b52dd1
>
> Best regards,
> --
> Tamir Duberstein <tamird@...il.com>

Hi Andrew, would you mind having a look at this patch?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ