Re: [PATCH] mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()

From: Dan Carpenter
Date: Fri Jul 21 2023 - 03:00:05 EST

Next message: sunran001: "[PATCH] drm/radeon: ERROR: "foo * bar" should be "foo *bar""
Previous message: Tony Lindgren: "Re: [PATCH v2 1/3] serial: core: Controller id cannot be negative"
In reply to: Dan Carpenter: "Re: [PATCH] mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jul 21, 2023 at 09:55:02AM +0300, Dan Carpenter wrote:
> On Fri, Jul 21, 2023 at 08:37:02AM +0300, Dan Carpenter wrote:
> > Harshit and I were mucking with this about yesterday. He made
> > Coccinelle script as well.
> >
> > We found three bugs in max9286_parse_dt(), hisi_inno_phy_probe() and
> > jent_testing_store(). Only the one in hisi_inno_phy_probe() is real
> > life bad because the others do an out of bounds check followed by a
> > mask.
>
> Actually wait. hisi_inno_phy_probe() is not a bug at all.
> MAX9286_NUM_GMSL and MAX9286_NUM_GMSL are both 4.

Gar, wow. hisi_inno_phy_probe() is a bug. max9286_parse_dt() is not
a bug.

Smatch would have found max9286_parse_dt() if it had been a bug. The
reason why smatch didn't find hisi_inno_phy_probe() is because of how
Smatch takes a short cut when parsing loops.

regards,
dan carpenter

Next message: sunran001: "[PATCH] drm/radeon: ERROR: "foo * bar" should be "foo *bar""
Previous message: Tony Lindgren: "Re: [PATCH v2 1/3] serial: core: Controller id cannot be negative"
In reply to: Dan Carpenter: "Re: [PATCH] mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]