From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Julia Lawall <Julia.Lawall@lip6.fr>,
Sasha Levin <alexander.levin@microsoft.com>
Subject: [PATCH 4.4 020/113] usb: wusbcore: security: cast sizeof to int for comparison
Date: Mon, 8 Oct 2018 20:30:21 +0200 [thread overview]
Message-ID: <20181008175531.831525277@linuxfoundation.org> (raw)
In-Reply-To: <20181008175530.864641368@linuxfoundation.org>
4.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Julia Lawall <Julia.Lawall@lip6.fr>
[ Upstream commit d3ac5598c5010a8999978ebbcca3b1c6188ca36b ]
Comparing an int to a size, which is unsigned, causes the int to become
unsigned, giving the wrong result. usb_get_descriptor can return a
negative error code.
A simplified version of the semantic match that finds this problem is as
follows: (http://coccinelle.lip6.fr/)
// <smpl>
@@
int x;
expression e,e1;
identifier f;
@@
*x = f(...);
... when != x = e1
when != if (x < 0 || ...) { ... return ...; }
*x < sizeof(e)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/usb/wusbcore/security.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/usb/wusbcore/security.c
+++ b/drivers/usb/wusbcore/security.c
@@ -230,7 +230,7 @@ int wusb_dev_sec_add(struct wusbhc *wusb
result = usb_get_descriptor(usb_dev, USB_DT_SECURITY,
0, secd, sizeof(*secd));
- if (result < sizeof(*secd)) {
+ if (result < (int)sizeof(*secd)) {
dev_err(dev, "Can't read security descriptor or "
"not enough data: %d\n", result);
goto out;
next prev parent reply other threads:[~2018-10-08 18:33 UTC|newest]
Thread overview: 129+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-08 18:30 [PATCH 4.4 000/113] 4.4.160-stable review Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 001/113] crypto: skcipher - Fix -Wstringop-truncation warnings Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 002/113] tsl2550: fix lux1_input error in low light Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 003/113] vmci: type promotion bug in qp_host_get_user_memory() Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 004/113] x86/numa_emulation: Fix emulated-to-physical node mapping Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 005/113] staging: rts5208: fix missing error check on call to rtsx_write_register Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 006/113] uwb: hwa-rc: fix memory leak at probe Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 007/113] power: vexpress: fix corruption in notifier registration Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 008/113] Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 009/113] USB: serial: kobil_sct: fix modem-status error handling Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 010/113] 6lowpan: iphc: reset mac_header after decompress to fix panic Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 011/113] md-cluster: clear another nodes suspend_area after the copy is finished Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 012/113] media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 013/113] powerpc/kdump: Handle crashkernel memory reservation failure Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 014/113] media: fsl-viu: fix error handling in viu_of_probe() Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 015/113] x86/tsc: Add missing header to tsc_msr.c Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 016/113] x86/entry/64: Add two more instruction suffixes Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 017/113] scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 018/113] scsi: klist: Make it safe to use klists in atomic context Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 019/113] scsi: ibmvscsi: Improve strings handling Greg Kroah-Hartman
2018-10-08 18:30 ` Greg Kroah-Hartman [this message]
2018-10-08 18:30 ` [PATCH 4.4 021/113] powerpc/powernv/ioda2: Reduce upper limit for DMA window size Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 022/113] alarmtimer: Prevent overflow for relative nanosleep Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 023/113] s390/extmem: fix gcc 8 stringop-overflow warning Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 024/113] ALSA: snd-aoa: add of_node_put() in error path Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 025/113] media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 026/113] media: soc_camera: ov772x: correct setting of banding filter Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 027/113] media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 028/113] staging: android: ashmem: Fix mmap size validation Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 029/113] drivers/tty: add error handling for pcmcia_loop_config Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 030/113] media: tm6000: add error handling for dvb_register_adapter Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 031/113] ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 032/113] ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 033/113] rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 034/113] wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 035/113] ARM: mvebu: declare asm symbols as character arrays in pmsu.c Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 036/113] HID: hid-ntrig: add error handling for sysfs_create_group Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 037/113] scsi: bnx2i: add error handling for ioremap_nocache Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 038/113] EDAC, i7core: Fix memleaks and use-after-free on probe and remove Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 039/113] ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 040/113] module: exclude SHN_UNDEF symbols from kallsyms api Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 041/113] nfsd: fix corrupted reply to badly ordered compound Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 042/113] ARM: dts: dra7: fix DCAN node addresses Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 043/113] floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 044/113] serial: cpm_uart: return immediately from console poll Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 045/113] spi: tegra20-slink: explicitly enable/disable clock Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 046/113] spi: sh-msiof: Fix invalid SPI use during system suspend Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 047/113] spi: sh-msiof: Fix handling of write value for SISTR register Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 048/113] spi: rspi: Fix invalid SPI use during system suspend Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 049/113] spi: rspi: Fix interrupted DMA transfers Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 050/113] USB: fix error handling in usb_driver_claim_interface() Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 051/113] USB: handle NULL config in usb_find_alt_setting() Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 052/113] slub: make ->cpu_partial unsigned int Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 053/113] media: uvcvideo: Support realteks UVC 1.5 device Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 054/113] USB: usbdevfs: sanitize flags more Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 055/113] USB: usbdevfs: restore warning for nonsensical flags Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 056/113] Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()" Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 057/113] USB: remove LPM management from usb_driver_claim_interface() Greg Kroah-Hartman
2018-10-08 18:30 ` [PATCH 4.4 058/113] Input: elantech - enable middle button of touchpad on ThinkPad P72 Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 059/113] IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 060/113] scsi: target: iscsi: Use bin2hex instead of a re-implementation Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 061/113] serial: imx: restore handshaking irq for imx1 Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 062/113] arm64: KVM: Tighten guest core register access from userspace Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 063/113] ext4: never move the system.data xattr out of the inode body Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 064/113] thermal: of-thermal: disable passive polling when thermal zone is disabled Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 065/113] net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 066/113] e1000: check on netif_running() before calling e1000_up() Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 067/113] e1000: ensure to free old tx/rx rings in set_ringparam() Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 068/113] hwmon: (ina2xx) fix sysfs shunt resistor read access Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 069/113] hwmon: (adt7475) Make adt7475_read_word() return errors Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 070/113] i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 071/113] arm64: cpufeature: Track 32bit EL0 support Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 072/113] arm64: KVM: Sanitize PSTATE.M when being set from userspace Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 073/113] media: v4l: event: Prevent freeing event subscriptions while accessed Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 074/113] KVM: PPC: Book3S HV: Dont truncate HPTE index in xlate function Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 075/113] mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 076/113] mac80211_hwsim: " Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 077/113] gpio: adp5588: Fix sleep-in-atomic-context bug Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 078/113] mac80211: mesh: fix HWMP sequence numbering to follow standard Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 079/113] cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 080/113] RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 081/113] i2c: uniphier: issue STOP only for last message or I2C_M_STOP Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 082/113] i2c: uniphier-f: " Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 083/113] net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx() Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 084/113] fs/cifs: dont translate SFM_SLASH (U+F026) to backslash Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 085/113] cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 086/113] mac80211: fix a race between restart and CSA flows Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 087/113] mac80211: Fix station bandwidth setting after channel switch Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 088/113] mac80211: shorten the IBSS debug messages Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 089/113] tools/vm/slabinfo.c: fix sign-compare warning Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 090/113] tools/vm/page-types.c: fix "defined but not used" warning Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 091/113] mm: madvise(MADV_DODUMP): allow hugetlbfs pages Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 092/113] usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 093/113] pinctrl: msm: Really mask level interrupts to prevent latching Greg Kroah-Hartman
2018-10-09 6:33 ` Nathan Chancellor
2018-10-09 9:23 ` Greg Kroah-Hartman
2018-10-09 16:57 ` Bjorn Andersson
2018-10-10 7:12 ` Linus Walleij
2018-10-10 7:53 ` Nathan Chancellor
2018-10-10 12:12 ` Linus Walleij
2018-10-10 12:45 ` Greg KH
2018-10-10 14:39 ` Sasha Levin
2018-10-10 15:03 ` Greg KH
2018-10-08 18:31 ` [PATCH 4.4 094/113] perf probe powerpc: Ignore SyS symbols irrespective of endianness Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 095/113] RDMA/ucma: check fd type in ucma_migrate_id() Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 096/113] USB: yurex: Check for truncation in yurex_read() Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 097/113] drm/nouveau/TBDdevinit: dont fail when PMU/PRE_OS is missing from VBIOS Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 098/113] fs/cifs: suppress a string overflow warning Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 099/113] dm thin metadata: try to avoid ever aborting transactions Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 100/113] arch/hexagon: fix kernel/dma.c build warning Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 101/113] hexagon: modify ffs() and fls() to return int Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 102/113] arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto" Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 103/113] r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 104/113] s390/qeth: dont dump past end of unknown HW header Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 105/113] cifs: read overflow in is_valid_oplock_break() Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 106/113] xen/manage: dont complain about an empty value in control/sysrq node Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 107/113] xen: avoid crash in disable_hotplug_cpu Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 108/113] xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 109/113] smb2: fix missing files in root share directory listing Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 110/113] ALSA: hda/realtek - Cannot adjust speakers volume on Dell XPS 27 7760 Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 111/113] crypto: mxs-dcp - Fix wait logic on chan threads Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 112/113] proc: restrict kernel stack dumps to root Greg Kroah-Hartman
2018-10-08 18:31 ` [PATCH 4.4 113/113] ocfs2: fix locking for res->tracking and dlm->tracking_list Greg Kroah-Hartman
2018-10-08 23:23 ` [PATCH 4.4 000/113] 4.4.160-stable review Shuah Khan
2018-10-09 1:29 ` Nathan Chancellor
2018-10-09 21:05 ` Guenter Roeck
2018-10-10 5:53 ` Greg Kroah-Hartman
2018-10-10 4:20 ` Naresh Kamboju
2018-10-10 6:56 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181008175531.831525277@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=Julia.Lawall@lip6.fr \
--cc=alexander.levin@microsoft.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).