| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 2 Oct 2023 18:28:53 +0300
From: Vladimir Oltean <olteanv@...il.com>
To: Oleksij Rempel <o.rempel@...gutronix.de>
Cc: Dan Carpenter <dan.carpenter@...aro.org>,
Oleksij Rempel <linux@...pel-privat.de>,
Woojung Huh <woojung.huh@...rochip.com>,
UNGLinuxDriver@...rochip.com, Andrew Lunn <andrew@...n.ch>,
Florian Fainelli <f.fainelli@...il.com>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
netdev@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH net-next] net: dsa: microchip: Uninitialized variable in
ksz9477_acl_move_entries()
Hi Oleksij,
On Wed, Sep 27, 2023 at 04:46:24PM +0200, Oleksij Rempel wrote:
> On Wed, Sep 27, 2023 at 03:53:37PM +0300, Dan Carpenter wrote:
> > Smatch complains that if "src_idx" equals "dst_idx" then
> > ksz9477_validate_and_get_src_count() doesn't initialized "src_count".
> > Set it to zero for this situation.
> >
> > Fixes: 002841be134e ("net: dsa: microchip: Add partial ACL support for ksz9477 switches")
> > Signed-off-by: Dan Carpenter <dan.carpenter@...aro.org>
>
> Reviewed-by: Oleksij Rempel <o.rempel@...gutronix.de>
>
> Thank you!
>
> > ---
> > drivers/net/dsa/microchip/ksz9477_acl.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/net/dsa/microchip/ksz9477_acl.c b/drivers/net/dsa/microchip/ksz9477_acl.c
> > index 06d74c19eb94..e554cd4a024b 100644
> > --- a/drivers/net/dsa/microchip/ksz9477_acl.c
> > +++ b/drivers/net/dsa/microchip/ksz9477_acl.c
> > @@ -554,7 +554,8 @@ static int ksz9477_acl_move_entries(struct ksz_device *dev, int port,
> > struct ksz9477_acl_entry buffer[KSZ9477_ACL_MAX_ENTRIES];
> > struct ksz9477_acl_priv *acl = dev->ports[port].acl_priv;
> > struct ksz9477_acl_entries *acles = &acl->acles;
> > - int src_count, ret, dst_count;
> > + int ret, dst_count;
> > + int src_count = 0;
> >
> > ret = ksz9477_validate_and_get_src_count(dev, port, src_idx, dst_idx,
> > &src_count, &dst_count);
> > --
> > 2.39.2
> >
> >
> >
>
> --
> Pengutronix e.K. | |
> Steuerwalder Str. 21 | http://www.pengutronix.de/ |
> 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
> Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
For the case where src_idx == dst_idx that Dan points out, is this patch
sufficient to ensure that ksz9477_acl_move_entries() will not execute
unwanted code paths? For example, it will still call ksz9477_move_entries_upwards(),
which from what I can tell, will do something given the way in which it's written.
Perhaps it would be better to move this line:
/* Nothing to do */
if (src_idx == dst_idx)
return 0;
outside of ksz9477_validate_and_get_src_count() and into its single caller,
ksz9477_acl_move_entries()?
Powered by blists - more mailing lists