linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Doug Anderson <dianders@chromium.org>
To: Sam Ravnborg <sam@ravnborg.org>
Cc: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>,
	dri-devel@lists.freedesktop.org,
	 Linus Walleij <linus.walleij@linaro.org>,
	lvzhaoxiong@huaqin.corp-partner.google.com,
	 Jani Nikula <jani.nikula@linux.intel.com>,
	Hsin-Yi Wang <hsinyi@google.com>,
	 Javier Martinez Canillas <javierm@redhat.com>,
	Neil Armstrong <neil.armstrong@linaro.org>,
	 Joel Selvaraj <jo@jsfamily.in>,
	Cong Yang <yangcong5@huaqin.corp-partner.google.com>,
	 Daniel Vetter <daniel@ffwll.ch>,
	David Airlie <airlied@gmail.com>,
	 Maarten Lankhorst <maarten.lankhorst@linux.intel.com>,
	Maxime Ripard <mripard@kernel.org>,
	 Thomas Zimmermann <tzimmermann@suse.de>,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 1/8] drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq()
Date: Mon, 29 Apr 2024 14:42:38 -0700	[thread overview]
Message-ID: <CAD=FV=XLoz1S+iQG6qowEGUV_oSF7tcHuXhsw3_0sn30byC0ZA@mail.gmail.com> (raw)
In-Reply-To: <20240427062202.GA1137299@ravnborg.org>

Hi,

On Fri, Apr 26, 2024 at 11:22 PM Sam Ravnborg <sam@ravnborg.org> wrote:
>
> On Sat, Apr 27, 2024 at 04:44:33AM +0300, Dmitry Baryshkov wrote:
> > On Sat, 27 Apr 2024 at 02:59, Douglas Anderson <dianders@chromium.org> wrote:
> > >
> > > The mipi_dsi_dcs_write_seq() macro makes a call to
> > > mipi_dsi_dcs_write_buffer() which returns a type ssize_t. The macro
> > > then stores it in an int and checks to see if it's negative. This
> > > could theoretically be a problem if "ssize_t" is larger than "int".
> > >
> > > To see the issue, imagine that "ssize_t" is 32-bits and "int" is
> > > 16-bits, you could see a problem if there was some code out there that
> > > looked like:
> > >
> > >   mipi_dsi_dcs_write_seq(dsi, cmd, <32767 bytes as arguments>);
> > >
> > > ...since we'd get back that 32768 bytes were transferred and 32768
> > > stored in a 16-bit int would look negative.
> > >
> > > Though there are no callsites where we'd actually hit this (even if
> > > "int" was only 16-bit), it's cleaner to make the types match so let's
> > > fix it.
> > >
> > > Fixes: 2a9e9daf7523 ("drm/mipi-dsi: Introduce mipi_dsi_dcs_write_seq macro")
> > > Signed-off-by: Douglas Anderson <dianders@chromium.org>
> > > ---
> > >
> > > Changes in v2:
> > > - New
> > >
> > >  include/drm/drm_mipi_dsi.h | 4 ++--
> > >  1 file changed, 2 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/include/drm/drm_mipi_dsi.h b/include/drm/drm_mipi_dsi.h
> > > index 82b1cc434ea3..b3576be22bfa 100644
> > > --- a/include/drm/drm_mipi_dsi.h
> > > +++ b/include/drm/drm_mipi_dsi.h
> > > @@ -337,12 +337,12 @@ int mipi_dsi_dcs_get_display_brightness_large(struct mipi_dsi_device *dsi,
> > >         do {                                                               \
> > >                 static const u8 d[] = { cmd, seq };                        \
> > >                 struct device *dev = &dsi->dev;                            \
> > > -               int ret;                                                   \
> > > +               ssize_t ret;                                               \
> > >                 ret = mipi_dsi_dcs_write_buffer(dsi, d, ARRAY_SIZE(d));    \
> > >                 if (ret < 0) {                                             \
> > >                         dev_err_ratelimited(                               \
> > >                                 dev, "sending command %#02x failed: %d\n", \
> > > -                               cmd, ret);                                 \
> > > +                               cmd, (int)ret);                            \
> >
> > Please consider using %zd instead
>
> Hi Douglas,
> please consider the above for all the pathces, there are more places
> where a cast can be dropped.

Sure, I'll change in the next version. I personally prefer the %d with
an "int" type because technically we're printing an error code and
errors are int-sized. ...but I don't feel strongly and I guess there's
a tiny chance some bug in the code could lead to a negative value
that's more useful as 64-bits than 32-bits. ;-)

I will note that I will still need a cast in some of the later patches
for "%*ph" since, I believe, the size passed for the "*" in a printf
format string is defined to be an int, not a size_t or ssize_t.

-Doug

  reply	other threads:[~2024-04-29 21:42 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-04-26 23:58 [PATCH v2 0/8] drm/mipi-dsi: Reduce bloat and add funcs for cleaner init seqs Douglas Anderson
2024-04-26 23:58 ` [PATCH v2 1/8] drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() Douglas Anderson
2024-04-27  1:44   ` Dmitry Baryshkov
2024-04-27  6:22     ` Sam Ravnborg
2024-04-29 21:42       ` Doug Anderson [this message]
2024-04-26 23:58 ` [PATCH v2 2/8] drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_generic_write_seq() Douglas Anderson
2024-04-26 23:58 ` [PATCH v2 3/8] drm/mipi-dsi: Reduce driver bloat of mipi_dsi_*_write_seq() Douglas Anderson
2024-04-27  2:05   ` Dmitry Baryshkov
2024-04-26 23:58 ` [PATCH v2 4/8] drm/mipi-dsi: Introduce mipi_dsi_*_write_seq_multi() Douglas Anderson
2024-04-27  6:32   ` Sam Ravnborg
2024-04-29 14:13     ` Doug Anderson
2024-04-29  9:38   ` Neil Armstrong
2024-04-29 14:26     ` Doug Anderson
2024-04-29 15:39       ` Jani Nikula
2024-05-01 15:49         ` Doug Anderson
2024-05-01 15:57           ` Dmitry Baryshkov
2024-05-06  6:21       ` Linus Walleij
2024-04-26 23:58 ` [PATCH v2 5/8] drm/mipi-dsi: mipi_dsi_*_write functions don't need to ratelimit prints Douglas Anderson
2024-04-26 23:58 ` [PATCH v2 6/8] drm/panel: novatek-nt36672e: Switch to mipi_dsi_dcs_write_seq_multi() Douglas Anderson
2024-04-26 23:58 ` [PATCH v2 7/8] drm/panel: boe-tv101wum-nl6: Don't use a table for initting commands Douglas Anderson
2024-04-26 23:58 ` [PATCH v2 8/8] drm/panel: boe-tv101wum-nl6: Convert hex to lowercase Douglas Anderson
2024-04-27  8:48   ` Dmitry Baryshkov
2024-04-29  9:20 ` [PATCH v2 0/8] drm/mipi-dsi: Reduce bloat and add funcs for cleaner init seqs Jani Nikula

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAD=FV=XLoz1S+iQG6qowEGUV_oSF7tcHuXhsw3_0sn30byC0ZA@mail.gmail.com' \
    --to=dianders@chromium.org \
    --cc=airlied@gmail.com \
    --cc=daniel@ffwll.ch \
    --cc=dmitry.baryshkov@linaro.org \
    --cc=dri-devel@lists.freedesktop.org \
    --cc=hsinyi@google.com \
    --cc=jani.nikula@linux.intel.com \
    --cc=javierm@redhat.com \
    --cc=jo@jsfamily.in \
    --cc=linus.walleij@linaro.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lvzhaoxiong@huaqin.corp-partner.google.com \
    --cc=maarten.lankhorst@linux.intel.com \
    --cc=mripard@kernel.org \
    --cc=neil.armstrong@linaro.org \
    --cc=sam@ravnborg.org \
    --cc=tzimmermann@suse.de \
    --cc=yangcong5@huaqin.corp-partner.google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).