lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Apr 2016 19:53:39 +0200 From: Geert Uytterhoeven <geert@...ux-m68k.org> To: Vivien Didelot <vivien.didelot@...oirfairelinux.com> Cc: "David S. Miller" <davem@...emloft.net>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] [RFC] net: dsa: mv88e6xxx: Pre-initialize err in mv88e6xxx_port_bridge_join() Hi Vivien, On Mon, Apr 25, 2016 at 7:31 PM, Vivien Didelot <vivien.didelot@...oirfairelinux.com> wrote: > Geert Uytterhoeven <geert@...ux-m68k.org> writes: >> On Mon, Apr 25, 2016 at 5:03 PM, Vivien Didelot >> <vivien.didelot@...oirfairelinux.com> wrote: >>> Geert Uytterhoeven <geert@...ux-m68k.org> writes: >>>> drivers/net/dsa/mv88e6xxx.c: In function ‘mv88e6xxx_port_bridge_join’: >>>> drivers/net/dsa/mv88e6xxx.c:2184: warning: ‘err’ may be used uninitialized in this function >>> >>> Interesting, I don't have those warnings on 207afda1b5036009... >> >> It depends on the compiler version (still using 4.1.2) and options. >> >>>> If netdev_notifier_changeupper_info.upper_dev is ever NULL, the bridge >>>> parameter will be NULL too, and the function will return an >>>> uninitialized value. >>>> >>>> Pre-initialize err to zero to fix this. >>>> >>>> Fixes: 207afda1b5036009 ("net: dsa: mv88e6xxx: share the same default FDB") >>>> Signed-off-by: Geert Uytterhoeven <geert@...ux-m68k.org> >>>> --- >>>> Can this actually happen? >>> >>> bridge cannot be NULL here. Also ps->ports[port].bridge_dev is assigned >>> to it before entering the for loop, so _mv88e6xxx_port_based_vlan_map >>> will be called at least for this port. >> >> But there's no way the compiler can know that... > > Or maybe it can in new configurations. Anyway, this fix doesn't hurt, > with a relevant commit message, I'd ack it. What would you consider a relevant commit message? Thanks! Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds
Powered by blists - more mailing lists