lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <fc49c34ef7dd4fbab424a83b28bff870@ite.com.tw>
Date: Tue, 7 Jan 2025 09:45:21 +0000
From: <Hermes.Wu@....com.tw>
To: <colin.i.king@...il.com>
CC: <andrzej.hajda@...el.com>, <neil.armstrong@...aro.org>, <rfoss@...nel.org>,
        <Laurent.pinchart@...asonboard.com>, <jonas@...boo.se>,
        <jernej.skrabec@...il.com>, <dri-devel@...ts.freedesktop.org>,
        <linux-kernel@...r.kernel.org>
Subject: RE: drm/bridge: it6505: fix HDCP CTS compare V matching

Hi

>-----Original Message-----
>From: Colin King (gmail) <colin.i.king@...il.com> 
>Sent: Tuesday, January 7, 2025 5:31 PM
>To: Hermes Wu (吳佳宏) <Hermes.Wu@....com.tw>
>Cc: Andrzej Hajda <andrzej.hajda@...el.com>; Neil Armstrong <neil.armstrong@...aro.org>; Robert Foss <rfoss@...nel.org>; Laurent Pinchart <Laurent.pinchart@...asonboard.com>; Jonas Karlman <jonas@...boo.se>; Jernej Skrabec <jernej.skrabec@...il.com>; dri-devel@...ts.freedesktop.org; linux-kernel@...r.kernel.org
>Subject: re: drm/bridge: it6505: fix HDCP CTS compare V matching
>
>Hi,
>
>static analysis on Linux-next has found a potential issue with the following commit:
>
>commit 0989c02c7a5c887c70deafen80c64d0291624e1a7
>Author: Hermes Wu <hermes.wu@....com.tw>
>Date:   Mon Dec 30 18:51:26 2024 +0800
>
>     drm/bridge: it6505: fix HDCP CTS compare V matching
>
>
>The issue is as follows:
>
>Source: drivers/gpu/drm/bridge/ite-it6505.c, function: 
>it6505_hdcp_part2_ksvlist_check:
>
>             for (i = 0; i < 5; i++) {
>                    if (bv[i][3] != av[i][0] || bv[i][2] != av[i][1] ||
>                        av[i][1] != av[i][2] || bv[i][0] != av[i][3])
>                             break;
>
>                     DRM_DEV_DEBUG_DRIVER(dev, "V' all match!! %d, %d", retry, i);
>                     return true;
>             }

It should check if the for loop reach i == 4 before return true.

I will fix it,

thanks

>
>in the above for-loop, only iteration with i = 0 is performed, either 
>the if statement breaks out of the loop if the condition is true or
>we reach the return true statement. Both conditions means the loop is 
>never iterated, yet the loop is expected to iterate for 5 times. This 
>looks incorrect.
>
>Colin
>

>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ