Re: [PATCH v3] net: asix: fix uninit value bugs

From: Andrew Lunn
Date: Sat Aug 14 2021 - 11:37:05 EST

Next message: Andrew Lunn: "Re: [PATCH] Documentation: arm: marvell: Add 88F6825 model into list"
Previous message: Pali Rohár: "Re: [PATCH] Documentation: arm: marvell: Add 88F6825 model into list"
In reply to: Pavel Skripkin: "[PATCH v3] net: asix: fix uninit value bugs"
Next in thread: Pavel Skripkin: "Re: [PATCH v3] net: asix: fix uninit value bugs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Aug 14, 2021 at 04:55:05PM +0300, Pavel Skripkin wrote:
> Syzbot reported uninit-value in asix_mdio_read(). The problem was in
> missing error handling. asix_read_cmd() should initialize passed stack
> variable smsr, but it can fail in some cases. Then while condidition
> checks possibly uninit smsr variable.
>
> Since smsr is uninitialized stack variable, driver can misbehave,
> because smsr will be random in case of asix_read_cmd() failure.
> Fix it by adding error handling and just continue the loop instead of
> checking uninit value.
>
> Also, same loop was used in 3 other functions. Fixed uninit value bug
> in them too.

Hi Pavel

Which suggests it might make sense to refactor the code to make a
helper? I will leave you to decide if you want to do that.

The code does looks correct now.

Andrew

Next message: Andrew Lunn: "Re: [PATCH] Documentation: arm: marvell: Add 88F6825 model into list"
Previous message: Pali Rohár: "Re: [PATCH] Documentation: arm: marvell: Add 88F6825 model into list"
In reply to: Pavel Skripkin: "[PATCH v3] net: asix: fix uninit value bugs"
Next in thread: Pavel Skripkin: "Re: [PATCH v3] net: asix: fix uninit value bugs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]