* Coverity: spi_nor_erase_sector(): Null pointer dereferences
@ 2019-10-28 23:05 coverity-bot
2019-10-29 5:59 ` Tudor.Ambarus
0 siblings, 1 reply; 3+ messages in thread
From: coverity-bot @ 2019-10-28 23:05 UTC (permalink / raw)
To: Tudor Ambarus; +Cc: Boris Brezillon, Gustavo A. R. Silva, linux-next
Hello!
This is an experimental automated report about issues detected by Coverity
from a scan of next-20191025 as part of the linux-next weekly scan project:
https://scan.coverity.com/projects/linux-next-weekly-scan
You're getting this email because you were associated with the identified
lines of code (noted below) that were touched by recent commits:
453977875364 ("mtd: spi-nor: Introduce 'struct spi_nor_controller_ops'")
Coverity reported the following:
*** CID 1487363: Null pointer dereferences (FORWARD_NULL)
/drivers/mtd/spi-nor/spi-nor.c: 967 in spi_nor_erase_sector()
961 */
962 for (i = nor->addr_width - 1; i >= 0; i--) {
963 nor->bouncebuf[i] = addr & 0xff;
964 addr >>= 8;
965 }
966
vvv CID 1487363: Null pointer dereferences (FORWARD_NULL)
vvv Dereferencing null pointer "nor->controller_ops".
967 return nor->controller_ops->write_reg(nor, nor->erase_opcode,
968 nor->bouncebuf, nor->addr_width);
969 }
970
971 /**
972 * spi_nor_div_by_erase_size() - calculate remainder and update new dividend
If this is a false positive, please let us know so we can mark it as
such, or teach the Coverity rules to be smarter. If not, please make
sure fixes get into linux-next. :) For patches fixing this, please
include:
Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
Addresses-Coverity-ID: 1487363 ("Null pointer dereferences")
Fixes: 453977875364 ("mtd: spi-nor: Introduce 'struct spi_nor_controller_ops'")
Thanks for your attention!
--
Coverity-bot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Coverity: spi_nor_erase_sector(): Null pointer dereferences
2019-10-28 23:05 Coverity: spi_nor_erase_sector(): Null pointer dereferences coverity-bot
@ 2019-10-29 5:59 ` Tudor.Ambarus
2019-10-29 16:05 ` Kees Cook
0 siblings, 1 reply; 3+ messages in thread
From: Tudor.Ambarus @ 2019-10-29 5:59 UTC (permalink / raw)
To: keescook; +Cc: boris.brezillon, gustavo, linux-next
Hi. Thanks for the report!
On 10/29/2019 01:05 AM, coverity-bot wrote:
> External E-Mail
>
>
> Hello!
>
> This is an experimental automated report about issues detected by Coverity
> from a scan of next-20191025 as part of the linux-next weekly scan project:
> https://scan.coverity.com/projects/linux-next-weekly-scan
>
> You're getting this email because you were associated with the identified
> lines of code (noted below) that were touched by recent commits:
>
> 453977875364 ("mtd: spi-nor: Introduce 'struct spi_nor_controller_ops'")
>
> Coverity reported the following:
>
> *** CID 1487363: Null pointer dereferences (FORWARD_NULL)
> /drivers/mtd/spi-nor/spi-nor.c: 967 in spi_nor_erase_sector()
> 961 */
> 962 for (i = nor->addr_width - 1; i >= 0; i--) {
> 963 nor->bouncebuf[i] = addr & 0xff;
> 964 addr >>= 8;
> 965 }
> 966
> vvv CID 1487363: Null pointer dereferences (FORWARD_NULL)
> vvv Dereferencing null pointer "nor->controller_ops".
> 967 return nor->controller_ops->write_reg(nor, nor->erase_opcode,
> 968 nor->bouncebuf, nor->addr_width);
> 969 }
> 970
> 971 /**
> 972 * spi_nor_div_by_erase_size() - calculate remainder and update new dividend
>
> If this is a false positive, please let us know so we can mark it as
> such, or teach the Coverity rules to be smarter. If not, please make
> sure fixes get into linux-next. :) For patches fixing this, please
> include:
It's a false positive, but the bug report helped us improve the code. I received
similar report with smatch, see the discussion here:
https://www.spinics.net/lists/linux-mtd/msg09701.html
Cheers,
ta
>
> Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
> Addresses-Coverity-ID: 1487363 ("Null pointer dereferences")
> Fixes: 453977875364 ("mtd: spi-nor: Introduce 'struct spi_nor_controller_ops'")
>
>
> Thanks for your attention!
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Coverity: spi_nor_erase_sector(): Null pointer dereferences
2019-10-29 5:59 ` Tudor.Ambarus
@ 2019-10-29 16:05 ` Kees Cook
0 siblings, 0 replies; 3+ messages in thread
From: Kees Cook @ 2019-10-29 16:05 UTC (permalink / raw)
To: Tudor.Ambarus; +Cc: boris.brezillon, gustavo, linux-next
On Tue, Oct 29, 2019 at 05:59:04AM +0000, Tudor.Ambarus@microchip.com wrote:
> Hi. Thanks for the report!
>
> On 10/29/2019 01:05 AM, coverity-bot wrote:
> > External E-Mail
> >
> >
> > Hello!
> >
> > This is an experimental automated report about issues detected by Coverity
> > from a scan of next-20191025 as part of the linux-next weekly scan project:
> > https://scan.coverity.com/projects/linux-next-weekly-scan
> >
> > You're getting this email because you were associated with the identified
> > lines of code (noted below) that were touched by recent commits:
> >
> > 453977875364 ("mtd: spi-nor: Introduce 'struct spi_nor_controller_ops'")
> >
> > Coverity reported the following:
> >
> > *** CID 1487363: Null pointer dereferences (FORWARD_NULL)
> > /drivers/mtd/spi-nor/spi-nor.c: 967 in spi_nor_erase_sector()
> > 961 */
> > 962 for (i = nor->addr_width - 1; i >= 0; i--) {
> > 963 nor->bouncebuf[i] = addr & 0xff;
> > 964 addr >>= 8;
> > 965 }
> > 966
> > vvv CID 1487363: Null pointer dereferences (FORWARD_NULL)
> > vvv Dereferencing null pointer "nor->controller_ops".
> > 967 return nor->controller_ops->write_reg(nor, nor->erase_opcode,
> > 968 nor->bouncebuf, nor->addr_width);
> > 969 }
> > 970
> > 971 /**
> > 972 * spi_nor_div_by_erase_size() - calculate remainder and update new dividend
> >
> > If this is a false positive, please let us know so we can mark it as
> > such, or teach the Coverity rules to be smarter. If not, please make
> > sure fixes get into linux-next. :) For patches fixing this, please
> > include:
>
> It's a false positive, but the bug report helped us improve the code. I received
> similar report with smatch, see the discussion here:
> https://www.spinics.net/lists/linux-mtd/msg09701.html
Okay, great! The Coverity scan tends to be a little behind, so apologies
for the duplicate report. :) Thanks for checking!
--
Kees Cook
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-10-29 16:06 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-28 23:05 Coverity: spi_nor_erase_sector(): Null pointer dereferences coverity-bot
2019-10-29 5:59 ` Tudor.Ambarus
2019-10-29 16:05 ` Kees Cook
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).