lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 7 Jul 2022 14:55:29 -0700
From:   Nick Desaulniers <ndesaulniers@...gle.com>
To:     Tom Rix <trix@...hat.com>
Cc:     gregory.greenman@...el.com, kvalo@...nel.org, davem@...emloft.net,
        edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com,
        nathan@...nel.org, luciano.coelho@...el.com,
        ayala.barazani@...el.com, miriam.rachel.korenblit@...el.com,
        johannes.berg@...el.com, matt.chen@...el.com,
        linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, llvm@...ts.linux.dev
Subject: Re: [PATCH] iwlwifi: mvm: return an error if setting tbl_rev fails

On Sat, Jul 2, 2022 at 8:10 AM Tom Rix <trix@...hat.com> wrote:
>
> clang static analysis reports
> drivers/net/wireless/intel/iwlwifi/fw/acpi.c:1048:17: warning: Assigned value is garbage or undefined [core.uninitialized.Assign]
>         fwrt->ppag_ver = tbl_rev;
>                        ^ ~~~~~~~
> tbl_rev is optionaly set by a series of calls to iwl_acpi_get_wifi_pkg()
> and then jumping to the read_table when a call is successful.  The
> error case when all the call fails is not handled.  On all failed,
> the code flow falls through to the read_table label.  Add an error
> handler for the all fail case.
>
> Fixes: e8e10a37c51c ("iwlwifi: acpi: move ppag code from mvm to fw/acpi")
> Signed-off-by: Tom Rix <trix@...hat.com>
> ---
>  drivers/net/wireless/intel/iwlwifi/fw/acpi.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/drivers/net/wireless/intel/iwlwifi/fw/acpi.c b/drivers/net/wireless/intel/iwlwifi/fw/acpi.c
> index e6d64152c81a..1ef1e26c3206 100644
> --- a/drivers/net/wireless/intel/iwlwifi/fw/acpi.c
> +++ b/drivers/net/wireless/intel/iwlwifi/fw/acpi.c
> @@ -1044,6 +1044,9 @@ int iwl_acpi_get_ppag_table(struct iwl_fw_runtime *fwrt)
>                 goto read_table;

Thanks for the patch!

I wonder why the pre-existing code had a goto to a label that was the
subsequent statement? That's strange; maybe something was in between
them before, was removed, and that wasn't cleaned up?

I think the whole `if (!IS_ERR(wifi_pkg))` block would be clearer if this was:

...
wifi_pkg = iwl_acpi_get_wifi_pkg(fwrt->dev, data,
    ACPI_PPAG_WIFI_DATA_SIZE_V1, &tbl_rev);
if (IS_ERR(wifi_pkg) || tbl_rev != 0) {
    ret = -EINVAL;
    goto out_free;
}
num_sub_bands = IWL_NUM_SUB_BANDS_V1;
IWL_DEBUG_RADIO(fwrt, "Reading PPAG table v1 (tbl_rev=0)\n");
read_table:
...

rather than the existing spaghetti. Apologies for my formatting.

>         }
>
> +       ret = -EINVAL;
> +       goto out_free;
> +
>  read_table:
>         fwrt->ppag_ver = tbl_rev;
>         flags = &wifi_pkg->package.elements[1];
> --
> 2.27.0
>


-- 
Thanks,
~Nick Desaulniers

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ