linux-wireless.vger.kernel.org archive mirror
* Potential uninitialized variables in cfg80211
@ 2019-10-08 21:19 Yizhuo Zhai
  2019-10-09  6:45 ` Johannes Berg
  0 siblings, 1 reply; 2+ messages in thread
From: Yizhuo Zhai @ 2019-10-08 21:19 UTC (permalink / raw)
  To: Johannes Berg, David S. Miller, linux-wireless, netdev, linux-kernel

Hi All:
net/wireless/chan.c:
Inside function cfg80211_chandef_compatible(), variables "c1_pri40",
"c2_pri40", "c1_pri80" and "c2_pri80" could be uninitialized if
chandef_primary_freqs() fails. However, they are used later in the if
statement to decide the control flow, which is potentially unsafe.

The patch is hard since we do not know the correct value to initialize them.
-- 
Kind Regards,

Yizhuo Zhai

Computer Science, Graduate Student
University of California, Riverside


* Re: Potential uninitialized variables in cfg80211
  2019-10-08 21:19 Potential uninitialized variables in cfg80211 Yizhuo Zhai
@ 2019-10-09  6:45 ` Johannes Berg
  0 siblings, 0 replies; 2+ messages in thread
From: Johannes Berg @ 2019-10-09  6:45 UTC (permalink / raw)
  To: Yizhuo Zhai, David S. Miller, linux-wireless, netdev, linux-kernel

On Tue, 2019-10-08 at 14:19 -0700, Yizhuo Zhai wrote:
> Hi All:
> net/wireless/chan.c:
> Inside function cfg80211_chandef_compatible(), variables "c1_pri40",
> "c2_pri40", "c1_pri80" and "c2_pri80" could be uninitialized if
> chandef_primary_freqs() fails. However, they are used later in the if
> statement to decide the control flow, which is potentially unsafe.

I guess theoretically this is right, but the function should only be
called with valid chandefs, and if chandef_primary_freqs() hit the
warning then the chandef certainly wasn't valid.

johannes
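
The pattern discussed in this thread, as an added example that is not part of either message and is not the kernel's code: a simplified, constructed model (all type and function names are hypothetical) of a helper that leaves its output parameters unwritten on its invalid-input path, beside a variant that defines the outputs and reports failure so the caller never branches on indeterminate values.

```c
#include <stdbool.h>
#include <stdint.h>
/* Constructed, simplified model; every name here is hypothetical. */
enum width { W_40, W_80, W_INVALID = 99 };
struct chandef { enum width width; uint32_t center; };

/* "Before" shape: the default case writes neither output. */
static void freqs_unchecked(const struct chandef *c, uint32_t *p40, uint32_t *p80)
{
    switch (c->width) {
    case W_40: *p40 = c->center; *p80 = 0; break;
    case W_80: *p40 = c->center - 20; *p80 = c->center; break;
    default: break; /* a warning would fire here; outputs stay unset */
    }
}

/* Defensive shape: outputs always defined, failure reported to the caller. */
static bool freqs_checked(const struct chandef *c, uint32_t *p40, uint32_t *p80)
{
    *p40 = *p80 = 0;
    switch (c->width) {
    case W_40: *p40 = c->center; return true;
    case W_80: *p40 = c->center - 20; *p80 = c->center; return true;
    default: return false;
    }
}

/* Caller never branches on values derived from an invalid chandef. */
static bool same_primary(const struct chandef *a, const struct chandef *b)
{
    uint32_t a40, a80, b40, b80;
    return freqs_checked(a, &a40, &a80) && freqs_checked(b, &b40, &b80) &&
           a40 == b40 && a80 == b80;
}

/* Sentinels show the unchecked helper leaves caller storage untouched. */
static bool unchecked_leaves_sentinel(void)
{
    struct chandef bad = { W_INVALID, 5210 };
    uint32_t p40 = 0xdeadbeef, p80 = 0xdeadbeef;
    freqs_unchecked(&bad, &p40, &p80);
    return p40 == 0xdeadbeef && p80 == 0xdeadbeef;
}

int main(void)
{
    struct chandef ok = { W_40, 5190 }, bad = { W_INVALID, 5210 };
    return (unchecked_leaves_sentinel() && same_primary(&ok, &ok) && !same_primary(&ok, &bad)) ? 0 : 1;
}
```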

