lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <201012291417.24424.dsterba@suse.cz> Date: Wed, 29 Dec 2010 14:17:22 +0100 From: David Sterba <dsterba@...e.cz> To: Dan Carpenter <error27@...il.com> Cc: mcarlson@...adcom.com, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, Michael Chan <mchan@...adcom.com> Subject: Re: [PATCH] tg3: fix return value check in tg3_read_vpd() Hi, On Monday 27 December 2010 21:19:27 Dan Carpenter wrote: > Your fix is obviously correct, but could you describe the symptoms > in your changelog instead of leaving it blank? In the original code, > negative error values are ignored so we never goto out_not_found. Can > pci_read_vpd() return any errors we care about besides -ENODEV? What I > mean is, did you find this through analysing the code or did it cause a > bug at runtime? Although pci_read_vpd returns ENODEV directly, there is a call to vpd->read function which may return other error values and is eg. set to pci_vpd_pci22_read() : drivers/pci/access.c::pci_vpd_pci22_read() may return -EINVAL or -EINTR directly or -ETIMEDOUT or -EINTR via pci_vpd_pci22_wait() Yes, other negative values besides ETIMEDOUT and EINTR are ignored and after 3 attempts the pos != TG3_NVM_VPD_LEN check goes outwards. The fixed version allows to jump out immediately. So this does not manifest itself as a misbehaviour at runtime. It was found by code analysis. I'll post updated patch. dave -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists