Re: [PATCH v3] rtw_security: fix cast to restricted __le32

From: Jhih-Ming Huang
Date: Sat Jun 19 2021 - 05:20:36 EST

Next message: kewei.xu: "[PATCH] i2c: mediatek: Isolate speed setting via dts for special devices"
Previous message: Kalle Valo: "Re: [PATCH] ath10k: demote chan info without scan request warning"
In reply to: David Laight: "RE: [PATCH v5] rtw_security: fix cast to restricted __le32"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jun 18, 2021 at 07:29:16PM +0000, Al Viro wrote:
> On Sat, Jun 19, 2021 at 02:17:51AM +0800, Jhih-Ming Huang wrote:
> > This patch fixes the sparse warning of fix cast to restricted __le32.
> >
> > There was a change for replacing private CRC-32 routines with in kernel
> > ones.
> > However, the author used le32_to_cpu to convert crc32_le(), and we
> > should cpu_to_le32.
> >
> > Ths commit also fixes the payload checking by memcmp instead of checking element
> > by element.
> >
> > Signed-off-by: Jhih-Ming Huang <fbihjmeric@xxxxxxxxx>
> > ---
> > drivers/staging/rtl8723bs/core/rtw_security.c | 7 +++----
> > 1 file changed, 3 insertions(+), 4 deletions(-)
> >
> > diff --git a/drivers/staging/rtl8723bs/core/rtw_security.c b/drivers/staging/rtl8723bs/core/rtw_security.c
> > index a99f439328f1..97a7485f8f58 100644
> > --- a/drivers/staging/rtl8723bs/core/rtw_security.c
> > +++ b/drivers/staging/rtl8723bs/core/rtw_security.c
> > @@ -121,7 +121,7 @@ void rtw_wep_decrypt(struct adapter *padapter, u8 *precvframe)
> > arc4_crypt(ctx, payload, payload, length);
> >
> > /* calculate icv and compare the icv */
> > - *((u32 *)crc) = le32_to_cpu(~crc32_le(~0, payload, length - 4));
> > + *crc = cpu_to_le32(~crc32_le(~0, payload, length - 4));
>
> Huh? crc is u8[4]; that assignment will truncate that le32 to u8 and store it in
> the first byte of your 4-element array. How the hell does sparse *not* complain
> on that?
facepalm... fixed in v4 PATCH.

thanks for your help.
>
> Either make crc __le32 (and turn assignment into crc = cpu_to_le32(...)), or
> make that *(__le32 *)crc = ...
>
> > @@ -618,10 +618,9 @@ u32 rtw_tkip_decrypt(struct adapter *padapter, u8 *precvframe)
> > arc4_setkey(ctx, rc4key, 16);
> > arc4_crypt(ctx, payload, payload, length);
> >
> > - *((u32 *)crc) = le32_to_cpu(~crc32_le(~0, payload, length - 4));
> > + *crc = cpu_to_le32(~crc32_le(~0, payload, length - 4));
>
> Ditto. Declare crc as __le32 and use
> crc = cpu_to_le32(~crc32_le(~0, payload, length - 4));
> here.

Next message: kewei.xu: "[PATCH] i2c: mediatek: Isolate speed setting via dts for special devices"
Previous message: Kalle Valo: "Re: [PATCH] ath10k: demote chan info without scan request warning"
In reply to: David Laight: "RE: [PATCH v5] rtw_security: fix cast to restricted __le32"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]