lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 16 Apr 2022 14:05:19 +0300
From:   Pavel Skripkin <>
To:     David Kahurani <>,
Subject: Re: [PATCH] net: ax88179: add proper error handling of usb read

Hi David,

Almost perfect, please see one comment inline

On 4/16/22 10:48, David Kahurani wrote:
> Reads that are lesser than the requested size lead to uninit-value bugs.
> In this particular case a variable which was supposed to be initialized
> after a read is left uninitialized after a partial read.
> Qualify such reads as errors and handle them correctly and while at it
> convert the reader functions to return zero on success for easier error
> handling.
> Fixes: e2ca90c276e1 ("ax88179_178a: ASIX AX88179_178A USB 3.0/2.0 to
> gigabit ethernet adapter driver")
> Signed-off-by: David Kahurani <>
> Reported-and-tested-by:
> ---

[code snip]

> @@ -416,7 +441,7 @@ ax88179_phy_write_mmd_indirect(struct usbnet *dev, u16 prtad, u16 devad,
>   	ret = ax88179_write_cmd(dev, AX_ACCESS_PHY, AX88179_PHY_ID,
>   				MII_MMD_DATA, 2, &data);
> -	if (ret < 0)
> +	if (ret)
>   		return ret;

I think, you didn't mean to do so. ax88179_write_cmd() returns number of 
bytes written, so you are changing the logic here. And write call is not 
related to uninit value bugs

With regards,
Pavel Skripkin

Download attachment "OpenPGP_signature" of type "application/pgp-signature" (841 bytes)

Powered by blists - more mailing lists