| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <52C5E5F5.8030200@lwfinger.net> Date: Thu, 02 Jan 2014 16:19:33 -0600 From: Larry Finger <Larry.Finger@...inger.net> To: Dan Carpenter <dan.carpenter@...cle.com> CC: gregkh@...uxfoundation.org, devel@...verdev.osuosl.org, netdev@...r.kernel.org Subject: Re: [PATCH 31/31] staging: r8188eu: Fix smatch error On 01/02/2014 02:44 AM, Dan Carpenter wrote: > On Sun, Dec 22, 2013 at 05:37:02PM -0600, Larry Finger wrote: >> Smatch shows the following: >> >> CHECK drivers/staging/rtl8188eu/core/rtw_mlme_ext.c >> drivers/staging/rtl8188eu/core/rtw_mlme_ext.c:1401 OnAssocReq() error: buffer overflow 'pstapriv->sta_aid' 32 <= 32 >> > > This is a false positive in Smatch. Don't do work arounds for buggy > tools. > > If you have the cross function database built on the latest version of > Smatch then I think it understands the code correctly and doesn't print > a warning. When I analyzed the loop in question, I thought it resulted in a subscript of [NUM_STA], but I now see that the largest one is [NUM_STA-1]. I will drop this patch in the next round. Thanks for the info regarding a new version of Smatch. I'll update now. Larry -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists