* Re: [PATCH] Input: hideep - fix the uninitialized use in hideep_nvm_unlock() [not found] <CABvMjLRxy1yqXUOWqTTeq=UOsLtuPAyOSCi4SPgcbAqjMuWCCg@mail.gmail.com> @ 2021-06-20 5:10 ` Dmitry Torokhov 2021-06-20 5:26 ` Dmitry Torokhov 0 siblings, 1 reply; 8+ messages in thread From: Dmitry Torokhov @ 2021-06-20 5:10 UTC (permalink / raw) To: Yizhuo Zhai, Anthony Kim; +Cc: linux-input, linux-kernel On Wed, Jun 16, 2021 at 03:48:51PM -0700, Yizhuo Zhai wrote: > Inside function hideep_nvm_unlock(), variable "unmask_code" could > be uninitialized if hideep_pgm_r_reg() returns error, however, it > is used in the later if statement after an "and" operation, which > is potentially unsafe. I think this is pretty sensible, but let's see if the original author has some comments... > > Signed-off-by: Yizhuo <yzhai003@ucr.edu> > --- > drivers/input/touchscreen/hideep.c | 10 ++++++++-- > 1 file changed, 8 insertions(+), 2 deletions(-) > > diff --git a/drivers/input/touchscreen/hideep.c > b/drivers/input/touchscreen/hideep.c > index ddad4a82a5e5..f860a815b603 100644 > --- a/drivers/input/touchscreen/hideep.c > +++ b/drivers/input/touchscreen/hideep.c > @@ -364,9 +364,13 @@ static int hideep_enter_pgm(struct hideep_ts *ts) > static void hideep_nvm_unlock(struct hideep_ts *ts) > { > u32 unmask_code; > + int ret; > > hideep_pgm_w_reg(ts, HIDEEP_FLASH_CFG, HIDEEP_NVM_SFR_RPAGE); > - hideep_pgm_r_reg(ts, 0x0000000C, &unmask_code); > + ret = hideep_pgm_r_reg(ts, 0x0000000C, &unmask_code); > + if (ret) > + return ret; > + > hideep_pgm_w_reg(ts, HIDEEP_FLASH_CFG, HIDEEP_NVM_DEFAULT_PAGE); > > /* make it unprotected code */ > @@ -462,7 +466,9 @@ static int hideep_program_nvm(struct hideep_ts *ts, > u32 addr = 0; > int error; > > - hideep_nvm_unlock(ts); > + error = hideep_nvm_unlock(ts); > + if (error) > + return error; > > while (ucode_len > 0) { > xfer_len = min_t(size_t, ucode_len, HIDEEP_NVM_PAGE_SIZE); > -- > 2.17.1 -- Dmitry ^ permalink raw reply [flat|nested] 8+ messages in thread
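Review bot: in the first hunk the context line still reads `static void hideep_nvm_unlock(struct hideep_ts *ts)` while the added `return ret;` returns a value, so the return type has to become int in this same patch. The early return also skips the hideep_pgm_w_reg(ts, HIDEEP_FLASH_CFG, HIDEEP_NVM_DEFAULT_PAGE) call that follows, so a failed read leaves the flash config on HIDEEP_NVM_SFR_RPAGE; consider restoring the default page before returning. The hideep_pgm_w_reg() calls on either side of the read are still unchecked.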
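Review bot: in the second hunk, `error = hideep_nvm_unlock(ts);` assigns the result of a function that the first hunk still declares as void, so this only builds once the callee's signature is changed. The commit message describes only the uninitialized read of "unmask_code"; it should also say that hideep_program_nvm() now returns before the write loop when the unlock fails, since that is a behaviour change.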
* Re: [PATCH] Input: hideep - fix the uninitialized use in hideep_nvm_unlock()
From: Dmitry Torokhov @ 2021-06-20 5:26 UTC
To: Yizhuo Zhai, Anthony Kim; +Cc: linux-input, linux-kernel

On Sat, Jun 19, 2021 at 10:10:37PM -0700, Dmitry Torokhov wrote:
> On Wed, Jun 16, 2021 at 03:48:51PM -0700, Yizhuo Zhai wrote:
> > Inside function hideep_nvm_unlock(), variable "unmask_code" could
> > be uninitialized if hideep_pgm_r_reg() returns error, however, it
> > is used in the later if statement after an "and" operation, which
> > is potentially unsafe.
>
> I think this is pretty sensible, but let's see if the original author
> has some comments...

I guess not. Oh well...

Applied, thank you.

--
Dmitry
* Re: [PATCH] Input: hideep - fix the uninitialized use in hideep_nvm_unlock()
From: Dmitry Torokhov @ 2021-06-20 5:35 UTC
To: Yizhuo Zhai, Anthony Kim; +Cc: linux-input, linux-kernel

On Sat, Jun 19, 2021 at 10:26:40PM -0700, Dmitry Torokhov wrote:
> On Sat, Jun 19, 2021 at 10:10:37PM -0700, Dmitry Torokhov wrote:
> > On Wed, Jun 16, 2021 at 03:48:51PM -0700, Yizhuo Zhai wrote:
> > > Inside function hideep_nvm_unlock(), variable "unmask_code" could
> > > be uninitialized if hideep_pgm_r_reg() returns error, however, it
> > > is used in the later if statement after an "and" operation, which
> > > is potentially unsafe.
> >
> > I think this is pretty sensible, but let's see if the original author
> > has some comments...
>
> I guess not. Oh well...
>
> Applied, thank you.

Note that I had to make some changes to make it compile. Please next
time try building your changes before posting them,

Thanks.

--
Dmitry
* Re: [PATCH] Input: hideep - fix the uninitialized use in hideep_nvm_unlock()
From: Yizhuo Zhai @ 2021-06-20 6:00 UTC
To: Dmitry Torokhov; +Cc: Anthony Kim, linux-input, linux-kernel

Dimitry:

Sorry for the inconvenience, I would build the changes next time.
Thanks for your help : )

On Sat, Jun 19, 2021 at 10:35 PM Dmitry Torokhov <dmitry.torokhov@gmail.com> wrote:
>
> On Sat, Jun 19, 2021 at 10:26:40PM -0700, Dmitry Torokhov wrote:
> > On Sat, Jun 19, 2021 at 10:10:37PM -0700, Dmitry Torokhov wrote:
> > > On Wed, Jun 16, 2021 at 03:48:51PM -0700, Yizhuo Zhai wrote:
> > > > Inside function hideep_nvm_unlock(), variable "unmask_code" could
> > > > be uninitialized if hideep_pgm_r_reg() returns error, however, it
> > > > is used in the later if statement after an "and" operation, which
> > > > is potentially unsafe.
> > >
> > > I think this is pretty sensible, but let's see if the original author
> > > has some comments...
> >
> > I guess not. Oh well...
> >
> > Applied, thank you.
>
> Note that I had to make some changes to make it compile. Please next
> time try building your changes before posting them,
>
> Thanks.
>
> --
> Dmitry

--
Kind Regards,

Yizhuo Zhai

Computer Science, Graduate Student
University of California, Riverside
* [PATCH] Input: hideep - fix the uninitialized use in hideep_nvm_unlock() @ 2021-06-15 17:26 Yizhuo Zhai 2021-06-15 18:15 ` Dmitry Torokhov 0 siblings, 1 reply; 8+ messages in thread From: Yizhuo Zhai @ 2021-06-15 17:26 UTC (permalink / raw) To: dmitry.torokhov, linux-input, linux-kernel Inside function hideep_nvm_unlock(), variable "unmask_code" could be uninitialized if hideep_pgm_r_reg() returns error, however, it is used in the later if statement after an "and" operation, which is potentially unsafe. Signed-off-by: Yizhuo <yzhai003@ucr.edu> --- drivers/input/touchscreen/hideep.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/input/touchscreen/hideep.c b/drivers/input/touchscreen/hideep.c index ddad4a82a5e5..49b713ad4384 100644 --- a/drivers/input/touchscreen/hideep.c +++ b/drivers/input/touchscreen/hideep.c @@ -363,7 +363,7 @@ static int hideep_enter_pgm(struct hideep_ts *ts) static void hideep_nvm_unlock(struct hideep_ts *ts) { - u32 unmask_code; + u32 unmask_code = 0; hideep_pgm_w_reg(ts, HIDEEP_FLASH_CFG, HIDEEP_NVM_SFR_RPAGE); hideep_pgm_r_reg(ts, 0x0000000C, &unmask_code); -- 2.17.1 ^ permalink raw reply related [flat|nested] 8+ messages in thread
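Review bot: initializing `unmask_code` to 0 silences the uninitialized read, but the return value of hideep_pgm_r_reg(ts, 0x0000000C, &unmask_code) two lines below is still ignored, so on a failed read the function carries on and uses 0 as if it had come from the device. Capture the return value, exit early on error, and let hideep_nvm_unlock() report the failure to its caller instead of masking it with a default.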
* Re: [PATCH] Input: hideep - fix the uninitialized use in hideep_nvm_unlock() 2021-06-15 17:26 Yizhuo Zhai @ 2021-06-15 18:15 ` Dmitry Torokhov 2021-06-15 18:57 ` Yizhuo Zhai 0 siblings, 1 reply; 8+ messages in thread From: Dmitry Torokhov @ 2021-06-15 18:15 UTC (permalink / raw) To: Yizhuo Zhai; +Cc: linux-input, linux-kernel Hi Yizhuo, On Tue, Jun 15, 2021 at 10:26:09AM -0700, Yizhuo Zhai wrote: > Inside function hideep_nvm_unlock(), variable "unmask_code" could > be uninitialized if hideep_pgm_r_reg() returns error, however, it > is used in the later if statement after an "and" operation, which > is potentially unsafe. I do not think that simply initializing the variable makes the code behave any better. If we want to fix this properly we need to check for errors returned by hideep_pgm_r_reg() and hideep_pgm_w_reg() and exit this function early, signalling the caller about errors. > > Signed-off-by: Yizhuo <yzhai003@ucr.edu> > --- > drivers/input/touchscreen/hideep.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/input/touchscreen/hideep.c > b/drivers/input/touchscreen/hideep.c > index ddad4a82a5e5..49b713ad4384 100644 > --- a/drivers/input/touchscreen/hideep.c > +++ b/drivers/input/touchscreen/hideep.c > @@ -363,7 +363,7 @@ static int hideep_enter_pgm(struct hideep_ts *ts) > > static void hideep_nvm_unlock(struct hideep_ts *ts) > { > - u32 unmask_code; > + u32 unmask_code = 0; > > hideep_pgm_w_reg(ts, HIDEEP_FLASH_CFG, HIDEEP_NVM_SFR_RPAGE); > hideep_pgm_r_reg(ts, 0x0000000C, &unmask_code); > -- > 2.17.1 Thanks. -- Dmitry ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] Input: hideep - fix the uninitialized use in hideep_nvm_unlock() 2021-06-15 18:15 ` Dmitry Torokhov @ 2021-06-15 18:57 ` Yizhuo Zhai 2021-06-15 19:41 ` Dmitry Torokhov 0 siblings, 1 reply; 8+ messages in thread From: Yizhuo Zhai @ 2021-06-15 18:57 UTC (permalink / raw) To: Dmitry Torokhov; +Cc: linux-input, linux-kernel Hi Demitry: Thanks for your quick response, following your advice, a careful way is changing the return type of "hideep_nvm_unlock()" from void to int, and its caller "hideep_program_nvm()" also needs to add the return check. If this sounds ok, I would go ahead to modify the patch accordingly. On Tue, Jun 15, 2021 at 11:15 AM Dmitry Torokhov <dmitry.torokhov@gmail.com> wrote: > > Hi Yizhuo, > > On Tue, Jun 15, 2021 at 10:26:09AM -0700, Yizhuo Zhai wrote: > > Inside function hideep_nvm_unlock(), variable "unmask_code" could > > be uninitialized if hideep_pgm_r_reg() returns error, however, it > > is used in the later if statement after an "and" operation, which > > is potentially unsafe. > > I do not think that simply initializing the variable makes the code > behave any better. If we want to fix this properly we need to check for > errors returned by hideep_pgm_r_reg() and hideep_pgm_w_reg() and exit > this function early, signalling the caller about errors. > > > > > Signed-off-by: Yizhuo <yzhai003@ucr.edu> > > --- > > drivers/input/touchscreen/hideep.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/drivers/input/touchscreen/hideep.c > > b/drivers/input/touchscreen/hideep.c > > index ddad4a82a5e5..49b713ad4384 100644 > > --- a/drivers/input/touchscreen/hideep.c > > +++ b/drivers/input/touchscreen/hideep.c 
> > @@ -363,7 +363,7 @@ static int hideep_enter_pgm(struct hideep_ts *ts) > > > > static void hideep_nvm_unlock(struct hideep_ts *ts) > > { > > - u32 unmask_code; > > + u32 unmask_code = 0; > > > > hideep_pgm_w_reg(ts, HIDEEP_FLASH_CFG, HIDEEP_NVM_SFR_RPAGE); > > hideep_pgm_r_reg(ts, 0x0000000C, &unmask_code); > > -- > > 2.17.1 > > Thanks. > > -- > Dmitry -- Kind Regards, Yizhuo Zhai Computer Science, Graduate Student University of California, Riverside ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] Input: hideep - fix the uninitialized use in hideep_nvm_unlock() 2021-06-15 18:57 ` Yizhuo Zhai @ 2021-06-15 19:41 ` Dmitry Torokhov 0 siblings, 0 replies; 8+ messages in thread From: Dmitry Torokhov @ 2021-06-15 19:41 UTC (permalink / raw) To: Yizhuo Zhai; +Cc: linux-input, linux-kernel On Tue, Jun 15, 2021 at 11:57:36AM -0700, Yizhuo Zhai wrote: > Hi Demitry: > > Thanks for your quick response, following your advice, a careful way > is changing the return type of "hideep_nvm_unlock()" from void to > int, and its caller "hideep_program_nvm()" also needs to add the > return check. > > If this sounds ok, I would go ahead to modify the patch accordingly. Yes, this sounds right. > > On Tue, Jun 15, 2021 at 11:15 AM Dmitry Torokhov > <dmitry.torokhov@gmail.com> wrote: > > > > Hi Yizhuo, > > > > On Tue, Jun 15, 2021 at 10:26:09AM -0700, Yizhuo Zhai wrote: > > > Inside function hideep_nvm_unlock(), variable "unmask_code" could > > > be uninitialized if hideep_pgm_r_reg() returns error, however, it > > > is used in the later if statement after an "and" operation, which > > > is potentially unsafe. > > > > I do not think that simply initializing the variable makes the code > > behave any better. If we want to fix this properly we need to check for > > errors returned by hideep_pgm_r_reg() and hideep_pgm_w_reg() and exit > > this function early, signalling the caller about errors. > > > > > > > > Signed-off-by: Yizhuo <yzhai003@ucr.edu> > > > --- > > > drivers/input/touchscreen/hideep.c | 2 +- > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > diff --git a/drivers/input/touchscreen/hideep.c > > > b/drivers/input/touchscreen/hideep.c > > > index ddad4a82a5e5..49b713ad4384 100644 > > > --- a/drivers/input/touchscreen/hideep.c > > > +++ b/drivers/input/touchscreen/hideep.c 
> > > @@ -363,7 +363,7 @@ static int hideep_enter_pgm(struct hideep_ts *ts) > > > > > > static void hideep_nvm_unlock(struct hideep_ts *ts) > > > { > > > - u32 unmask_code; > > > + u32 unmask_code = 0; > > > > > > hideep_pgm_w_reg(ts, HIDEEP_FLASH_CFG, HIDEEP_NVM_SFR_RPAGE); > > > hideep_pgm_r_reg(ts, 0x0000000C, &unmask_code); > > > -- > > > 2.17.1 > > > > Thanks. > > > > -- > > Dmitry > > > > -- > Kind Regards, > > Yizhuo Zhai > > Computer Science, Graduate Student > University of California, Riverside -- Dmitry ^ permalink raw reply [flat|nested] 8+ messages in thread