Message-ID: <5369c64b-ba14-481c-8156-62a2efa5f447@gmail.com>
Date: Tue, 22 Apr 2025 22:41:20 +0100
From: "Colin King (gmail)" <colin.i.king@...il.com>
To: AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>,
 Neil Armstrong <neil.armstrong@...aro.org>
Cc: dri-devel@...ts.freedesktop.org, devicetree@...r.kernel.org,
 linux-kernel@...r.kernel.org, kernel@...labora.com,
 "Richard_j_nixon@...mail.com" <Richard_j_nixon@...mail.com>
Subject: re: drm: panel: Add driver for Himax HX8279 DDIC panels

Hi,

Static analysis on today's linux-next has found two issues with the
following commit:

commit 38d42c261389985e8dd4739dbd97e2dc855e8dd0
Author: AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>
Date:   Mon Apr 14 10:29:18 2025 +0200

     drm: panel: Add driver for Himax HX8279 DDIC panels


In the following code, boolean variables goa_odd_valid and 
goa_even_valid are not initialized. They are only being set (to false) 
on the num_zero if statements:

static int hx8279_check_goa_config(struct hx8279 *hx, struct device *dev)
{
         const struct hx8279_panel_desc *desc = hx->desc;
         bool goa_odd_valid, goa_even_valid;
         int i, num_zero, num_clr = 0;

         /* Up to 4 zero values is a valid configuration. Check them all. */
         num_zero = 1;
         for (i = 0; i < ARRAY_SIZE(desc->goa_odd_timing); i++) {
                 if (desc->goa_odd_timing[i])
                         num_zero++;
         }

         if (num_zero == ARRAY_SIZE(desc->goa_odd_timing))
                 goa_odd_valid = false;

         /* Up to 3 zeroes is a valid config. Check them all. */
         num_zero = 1;
         for (i = 0; i < ARRAY_SIZE(desc->goa_even_timing); i++) {
                 if (desc->goa_even_timing[i])
                         num_zero++;
         }

         if (num_zero == ARRAY_SIZE(desc->goa_even_timing))
                 goa_even_valid = false;


and so the following two checks on the boolean variables are on
potentially uninitialized values:

         /* Programming one without the other would make no sense! */
         if (goa_odd_valid != goa_even_valid)
                 return -EINVAL;

         /* We know that both are either true or false now, check just one */
         if (!goa_odd_valid)
                 hx->skip_goa_timing = true;


Colin
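
Added example, not part of the original message and not the driver's code or its fix: a user-space model of the quoted check in which each flag is assigned from the comparison itself, so the later comparisons never read an indeterminate value. The array sizes, the element type, `struct goa_desc`, `goa_count()` and `goa_check()` are assumptions, as is treating "condition not met" as valid; the counting loop is copied as quoted.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed sizes and element type: the message does not show the declarations. */
#define GOA_ODD_LEN  9
#define GOA_EVEN_LEN 7

struct goa_desc {	/* hypothetical stand-in for struct hx8279_panel_desc */
	uint8_t goa_odd_timing[GOA_ODD_LEN];
	uint8_t goa_even_timing[GOA_EVEN_LEN];
};

/* Counting loop copied as quoted in the message; it is not assessed here. */
static size_t goa_count(const uint8_t *timing, size_t len)
{
	size_t i, num_zero = 1;
	for (i = 0; i < len; i++) {
		if (timing[i])
			num_zero++;
	}
	return num_zero;
}

/* Returns 0 or -EINVAL; sets *skip_goa_timing when neither flag is valid. */
static int goa_check(const struct goa_desc *desc, bool *skip_goa_timing)
{
	/* Assigned from the comparison itself, so both flags are defined on every
	 * path. Treating "condition not met" as valid is an assumption. */
	bool goa_odd_valid = goa_count(desc->goa_odd_timing, GOA_ODD_LEN) != GOA_ODD_LEN;
	bool goa_even_valid = goa_count(desc->goa_even_timing, GOA_EVEN_LEN) != GOA_EVEN_LEN;

	if (goa_odd_valid != goa_even_valid)
		return -EINVAL;

	if (!goa_odd_valid)
		*skip_goa_timing = true;
	return 0;
}

int main(void)
{
	struct goa_desc d = { .goa_odd_timing = { 1, 2, 3 } };	/* constructed sample */
	bool skip = false;
	int ret = goa_check(&d, &skip);
	printf("ret=%d skip=%d\n", ret, skip);
	return 0;
}
```

The pattern in the quoted code, a local assigned on only one branch and then read, is the kind of use that GCC's `-Wmaybe-uninitialized` and Clang's `-Wsometimes-uninitialized` can report.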
