| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025041107-postbox-bonanza-2049@gregkh> Date: Fri, 11 Apr 2025 13:28:01 +0200 From: Greg KH <gregkh@...uxfoundation.org> To: Purva Yeshi <purvayeshi550@...il.com> Cc: jirislaby@...nel.org, tglx@...utronix.de, hdegoede@...hat.com, mingo@...nel.org, linux-kernel@...r.kernel.org, linux-serial@...r.kernel.org Subject: Re: [PATCH] tty: vt: keyboard: Fix uninitialized variables in vt_do_kdgkb_ioctl On Fri, Apr 11, 2025 at 04:45:48PM +0530, Purva Yeshi wrote: > Fix Smatch-detected issue: > > drivers/tty/vt/keyboard.c:2106 vt_do_kdgkb_ioctl() error: > uninitialized symbol 'kbs'. > drivers/tty/vt/keyboard.c:2108 vt_do_kdgkb_ioctl() error: > uninitialized symbol 'ret'. > > Fix uninitialized variable warnings reported by Smatch in > vt_do_kdgkb_ioctl(). The variables kbs and ret were used in the kfree > and return statements without guaranteed initialization paths, leading to > potential undefined behavior or false positives during static analysis. > > Initialize char *kbs to NULL and int ret to -EINVAL at declaration. > This ensures safe use of kfree(kbs) and return ret regardless of control > flow. Also add a default case in the switch to preserve fallback behavior. When you say "also" in a patch, that is a HUGE flag that this should be split up into a separate change. Please do that here, don't mix changes that have nothing to do with each other together into one. Also, why isn't the compilers noticing that these are uninitialized variables? Are you sure the warning is correct? thanks, greg k-h
Powered by blists - more mailing lists