lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <a6deb8d0-dc8e-4d4a-94d2-ed2617091eef@rowland.harvard.edu>
Date: Wed, 13 Aug 2025 09:59:05 -0400
From: Alan Stern <stern@...land.harvard.edu>
To: Thorsten Blum <thorsten.blum@...ux.dev>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	linux-usb@...r.kernel.org, usb-storage@...ts.one-eyed-alien.net,
	linux-kernel@...r.kernel.org
Subject: Re: [usb-storage] [PATCH 1/3] usb: storage: realtek_cr: Improve
 function parameter data types

On Wed, Aug 13, 2025 at 12:12:47PM +0200, Thorsten Blum wrote:
> In rts51x_bulk_transport() and rts51x_read_status(), change the function
> parameters 'buf_len' and 'len' from 'int' to 'unsigned int' because
> their values cannot be negative.
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev>
> ---
>  drivers/usb/storage/realtek_cr.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/usb/storage/realtek_cr.c b/drivers/usb/storage/realtek_cr.c
> index 7dea28c2b8ee..d2c3e3a39693 100644
> --- a/drivers/usb/storage/realtek_cr.c
> +++ b/drivers/usb/storage/realtek_cr.c
> @@ -199,7 +199,8 @@ static const struct us_unusual_dev realtek_cr_unusual_dev_list[] = {
>  #undef UNUSUAL_DEV
>  
>  static int rts51x_bulk_transport(struct us_data *us, u8 lun,
> -				 u8 *cmd, int cmd_len, u8 *buf, int buf_len,
> +				 u8 *cmd, int cmd_len, u8 *buf,
> +				 unsigned int buf_len,
>  				 enum dma_data_direction dir, int *act_len)
>  {
>  	struct bulk_cb_wrap *bcb = (struct bulk_cb_wrap *)us->iobuf;
> @@ -417,7 +418,7 @@ static int rts51x_write_mem(struct us_data *us, u16 addr, u8 *data, u16 len)
>  }
>  
>  static int rts51x_read_status(struct us_data *us,
> -			      u8 lun, u8 *status, int len, int *actlen)
> +			      u8 lun, u8 *status, unsigned int len, int *actlen)
>  {
>  	int retval;
>  	u8 cmnd[12] = { 0 };

I just looked through the original source file.  What about 
rts51x_bulk_transport_special()?  Shouldn't its buf_len parameter also 
be unsigned?

For that matter, what about cmd_len in both routines?

And have you checked the corresponding values in all the other 
usb-storage subdrivers?

As you can see, worrying about the difference between signed and 
unsigned values, when it doesn't really matter, quickly leads to a 
morass.

Alan Stern

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ