| Message ID | 20210520083424.6685-1-colin.king@canonical.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [next] ALSA: firewire-lib: Fix uninitialized variable err issue | expand |
On Thu, 20 May 2021 10:34:24 +0200, Colin King wrote: > > From: Colin Ian King <colin.king@canonical.com> > > Currently in the case where the payload_length is less than the > cip_header_size the error return variable err is not being set > and function parse_ir_ctx_header can return an uninitialized > error return value. Fix this by setting err to zero. > > Addresses-Coverity: ("Uninitialized scalar variable") > Fixes: c09010eeb373 ("ALSA: firewire-lib: handle the case that empty isochronous packet payload for CIP") > Signed-off-by: Colin Ian King <colin.king@canonical.com> Just a bikeshed, IMO, it'd be more proper to initialize err at the beginning than setting 0 at every branch, e.g. --- a/sound/firewire/amdtp-stream.c +++ b/sound/firewire/amdtp-stream.c @@ -652,7 +652,7 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, unsigned int payload_length; const __be32 *cip_header; unsigned int cip_header_size; - int err; + int err = 0; payload_length = be32_to_cpu(ctx_header[0]) >> ISO_DATA_LENGTH_SHIFT; @@ -683,7 +683,6 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, } } else { cip_header = NULL; - err = 0; *data_blocks = payload_length / sizeof(__be32) / s->data_block_quadlets; *syt = 0; thanks, Takashi
Hi, On Thu, May 20, 2021 at 02:26:24PM +0200, Takashi Iwai wrote: > On Thu, 20 May 2021 10:34:24 +0200, > Colin King wrote: > > > > From: Colin Ian King <colin.king@canonical.com> > > > > Currently in the case where the payload_length is less than the > > cip_header_size the error return variable err is not being set > > and function parse_ir_ctx_header can return an uninitialized > > error return value. Fix this by setting err to zero. > > > > Addresses-Coverity: ("Uninitialized scalar variable") > > Fixes: c09010eeb373 ("ALSA: firewire-lib: handle the case that empty isochronous packet payload for CIP") > > Signed-off-by: Colin Ian King <colin.king@canonical.com> > > Just a bikeshed, IMO, it'd be more proper to initialize err at the > beginning than setting 0 at every branch, e.g. > > --- a/sound/firewire/amdtp-stream.c > +++ b/sound/firewire/amdtp-stream.c > @@ -652,7 +652,7 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > unsigned int payload_length; > const __be32 *cip_header; > unsigned int cip_header_size; > - int err; > + int err = 0; > > payload_length = be32_to_cpu(ctx_header[0]) >> ISO_DATA_LENGTH_SHIFT; > > @@ -683,7 +683,6 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > } > } else { > cip_header = NULL; > - err = 0; > *data_blocks = payload_length / sizeof(__be32) / s->data_block_quadlets; > *syt = 0; Thanks for the patches. The error check is just done for the case to process CIP header, thus we can put the auto variable into the branch. ======== 8< -------- From 3fcca0062297e937c665f1c8e3a117e1187f4115 Mon Sep 17 00:00:00 2001 From: Takashi Sakamoto <o-takashi@sakamocchi.jp> Date: Thu, 20 May 2021 21:59:50 +0900 Subject: [PATCH] ALSA: firewire-lib: Fix uninitialized variable err issue The check of error is just done for the case that CIP header is available. This commit moves auto variable into the branch to process CIP header. Addresses-Coverity: ("Uninitialized scalar variable") Fixes: c09010eeb373 ("ALSA: firewire-lib: handle the case that empty isochronous packet payload for CIP") Suggested-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: Takashi Sakamoto <o-takashi@sakamocchi.jp> --- sound/firewire/amdtp-stream.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sound/firewire/amdtp-stream.c b/sound/firewire/amdtp-stream.c index 37c8de8a..11ae4e88 100644 --- a/sound/firewire/amdtp-stream.c +++ b/sound/firewire/amdtp-stream.c @@ -748,7 +748,6 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, unsigned int payload_length; const __be32 *cip_header; unsigned int cip_header_size; - int err; payload_length = be32_to_cpu(ctx_header[0]) >> ISO_DATA_LENGTH_SHIFT; @@ -766,6 +765,8 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, if (cip_header_size > 0) { if (payload_length >= cip_header_size) { + int err; + cip_header = ctx_header + IR_CTX_HEADER_DEFAULT_QUADLETS; err = check_cip_header(s, cip_header, payload_length - cip_header_size, data_blocks, data_block_counter, syt); @@ -779,7 +780,6 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, } } else { cip_header = NULL; - err = 0; *data_blocks = payload_length / sizeof(__be32) / s->data_block_quadlets; *syt = 0; @@ -790,7 +790,7 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, trace_amdtp_packet(s, cycle, cip_header, payload_length, *data_blocks, *data_block_counter, packet_index, index); - return err; + return 0; } // In CYCLE_TIMER register of IEEE 1394, 7 bits are used to represent second. On
Hi, On Thu, May 20, 2021 at 10:04:09PM +0900, Takashi Sakamoto wrote: > Hi, > > On Thu, May 20, 2021 at 02:26:24PM +0200, Takashi Iwai wrote: > > On Thu, 20 May 2021 10:34:24 +0200, > > Colin King wrote: > > > > > > From: Colin Ian King <colin.king@canonical.com> > > > > > > Currently in the case where the payload_length is less than the > > > cip_header_size the error return variable err is not being set > > > and function parse_ir_ctx_header can return an uninitialized > > > error return value. Fix this by setting err to zero. > > > > > > Addresses-Coverity: ("Uninitialized scalar variable") > > > Fixes: c09010eeb373 ("ALSA: firewire-lib: handle the case that empty isochronous packet payload for CIP") > > > Signed-off-by: Colin Ian King <colin.king@canonical.com> > > > > Just a bikeshed, IMO, it'd be more proper to initialize err at the > > beginning than setting 0 at every branch, e.g. > > > > --- a/sound/firewire/amdtp-stream.c > > +++ b/sound/firewire/amdtp-stream.c > > @@ -652,7 +652,7 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > > unsigned int payload_length; > > const __be32 *cip_header; > > unsigned int cip_header_size; > > - int err; > > + int err = 0; > > > > payload_length = be32_to_cpu(ctx_header[0]) >> ISO_DATA_LENGTH_SHIFT; > > > > @@ -683,7 +683,6 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > > } > > } else { > > cip_header = NULL; > > - err = 0; > > *data_blocks = payload_length / sizeof(__be32) / s->data_block_quadlets; > > *syt = 0; > > Thanks for the patches. > > The error check is just done for the case to process CIP header, thus we > can put the auto variable into the branch. > > ======== 8< -------- > From 3fcca0062297e937c665f1c8e3a117e1187f4115 Mon Sep 17 00:00:00 2001 > From: Takashi Sakamoto <o-takashi@sakamocchi.jp> > Date: Thu, 20 May 2021 21:59:50 +0900 > Subject: [PATCH] ALSA: firewire-lib: Fix uninitialized variable err issue > > The check of error is just done for the case that CIP header is available. > > This commit moves auto variable into the branch to process CIP header. > > Addresses-Coverity: ("Uninitialized scalar variable") > Fixes: c09010eeb373 ("ALSA: firewire-lib: handle the case that empty isochronous packet payload for CIP") > Suggested-by: Colin Ian King <colin.king@canonical.com> > Signed-off-by: Takashi Sakamoto <o-takashi@sakamocchi.jp> > --- > sound/firewire/amdtp-stream.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/sound/firewire/amdtp-stream.c b/sound/firewire/amdtp-stream.c > index 37c8de8a..11ae4e88 100644 > --- a/sound/firewire/amdtp-stream.c > +++ b/sound/firewire/amdtp-stream.c > @@ -748,7 +748,6 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > unsigned int payload_length; > const __be32 *cip_header; > unsigned int cip_header_size; > - int err; > > payload_length = be32_to_cpu(ctx_header[0]) >> ISO_DATA_LENGTH_SHIFT; > > @@ -766,6 +765,8 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > > if (cip_header_size > 0) { > if (payload_length >= cip_header_size) { > + int err; > + > cip_header = ctx_header + IR_CTX_HEADER_DEFAULT_QUADLETS; > err = check_cip_header(s, cip_header, payload_length - cip_header_size, > data_blocks, data_block_counter, syt); > @@ -779,7 +780,6 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > } > } else { > cip_header = NULL; > - err = 0; > *data_blocks = payload_length / sizeof(__be32) / s->data_block_quadlets; > *syt = 0; > > @@ -790,7 +790,7 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > trace_amdtp_packet(s, cycle, cip_header, payload_length, *data_blocks, > *data_block_counter, packet_index, index); > > - return err; > + return 0; > } > > // In CYCLE_TIMER register of IEEE 1394, 7 bits are used to represent second. On > -- > 2.27.0 > ======== 8< -------- Thanks for applying the patch but the commit in your tree includes duplicated From/Data/Subject lines and causes failure of git-am for the patch simply generated by git-am. Is it possible for you to modify history of your for-next branch with enough correction? * https://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git/commit/?id=b493305483cb609abcf24c56f7415746c7e6939a Regards Takashi Sakamoto
On Sat, 22 May 2021 00:21:46 +0200, Takashi Sakamoto wrote: > > Hi, > > On Thu, May 20, 2021 at 10:04:09PM +0900, Takashi Sakamoto wrote: > > Hi, > > > > On Thu, May 20, 2021 at 02:26:24PM +0200, Takashi Iwai wrote: > > > On Thu, 20 May 2021 10:34:24 +0200, > > > Colin King wrote: > > > > > > > > From: Colin Ian King <colin.king@canonical.com> > > > > > > > > Currently in the case where the payload_length is less than the > > > > cip_header_size the error return variable err is not being set > > > > and function parse_ir_ctx_header can return an uninitialized > > > > error return value. Fix this by setting err to zero. > > > > > > > > Addresses-Coverity: ("Uninitialized scalar variable") > > > > Fixes: c09010eeb373 ("ALSA: firewire-lib: handle the case that empty isochronous packet payload for CIP") > > > > Signed-off-by: Colin Ian King <colin.king@canonical.com> > > > > > > Just a bikeshed, IMO, it'd be more proper to initialize err at the > > > beginning than setting 0 at every branch, e.g. > > > > > > --- a/sound/firewire/amdtp-stream.c > > > +++ b/sound/firewire/amdtp-stream.c > > > @@ -652,7 +652,7 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > > > unsigned int payload_length; > > > const __be32 *cip_header; > > > unsigned int cip_header_size; > > > - int err; > > > + int err = 0; > > > > > > payload_length = be32_to_cpu(ctx_header[0]) >> ISO_DATA_LENGTH_SHIFT; > > > > > > @@ -683,7 +683,6 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > > > } > > > } else { > > > cip_header = NULL; > > > - err = 0; > > > *data_blocks = payload_length / sizeof(__be32) / s->data_block_quadlets; > > > *syt = 0; > > > > Thanks for the patches. > > > > The error check is just done for the case to process CIP header, thus we > > can put the auto variable into the branch. > > > > ======== 8< -------- > > From 3fcca0062297e937c665f1c8e3a117e1187f4115 Mon Sep 17 00:00:00 2001 > > From: Takashi Sakamoto <o-takashi@sakamocchi.jp> > > Date: Thu, 20 May 2021 21:59:50 +0900 > > Subject: [PATCH] ALSA: firewire-lib: Fix uninitialized variable err issue > > > > The check of error is just done for the case that CIP header is available. > > > > This commit moves auto variable into the branch to process CIP header. > > > > Addresses-Coverity: ("Uninitialized scalar variable") > > Fixes: c09010eeb373 ("ALSA: firewire-lib: handle the case that empty isochronous packet payload for CIP") > > Suggested-by: Colin Ian King <colin.king@canonical.com> > > Signed-off-by: Takashi Sakamoto <o-takashi@sakamocchi.jp> > > --- > > sound/firewire/amdtp-stream.c | 6 +++--- > > 1 file changed, 3 insertions(+), 3 deletions(-) > > > > diff --git a/sound/firewire/amdtp-stream.c b/sound/firewire/amdtp-stream.c > > index 37c8de8a..11ae4e88 100644 > > --- a/sound/firewire/amdtp-stream.c > > +++ b/sound/firewire/amdtp-stream.c > > @@ -748,7 +748,6 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > > unsigned int payload_length; > > const __be32 *cip_header; > > unsigned int cip_header_size; > > - int err; > > > > payload_length = be32_to_cpu(ctx_header[0]) >> ISO_DATA_LENGTH_SHIFT; > > > > @@ -766,6 +765,8 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > > > > if (cip_header_size > 0) { > > if (payload_length >= cip_header_size) { > > + int err; > > + > > cip_header = ctx_header + IR_CTX_HEADER_DEFAULT_QUADLETS; > > err = check_cip_header(s, cip_header, payload_length - cip_header_size, > > data_blocks, data_block_counter, syt); > > @@ -779,7 +780,6 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > > } > > } else { > > cip_header = NULL; > > - err = 0; > > *data_blocks = payload_length / sizeof(__be32) / s->data_block_quadlets; > > *syt = 0; > > > > @@ -790,7 +790,7 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, > > trace_amdtp_packet(s, cycle, cip_header, payload_length, *data_blocks, > > *data_block_counter, packet_index, index); > > > > - return err; > > + return 0; > > } > > > > // In CYCLE_TIMER register of IEEE 1394, 7 bits are used to represent second. On > > -- > > 2.27.0 > > ======== 8< -------- > > Thanks for applying the patch but the commit in your tree includes > duplicated From/Data/Subject lines and causes failure of git-am for the > patch simply generated by git-am. Is it possible for you to modify > history of your for-next branch with enough correction? My bad, now corrected. thanks, Takashi
diff --git a/sound/firewire/amdtp-stream.c b/sound/firewire/amdtp-stream.c index af5c3629f1ac..242b1147d768 100644 --- a/sound/firewire/amdtp-stream.c +++ b/sound/firewire/amdtp-stream.c @@ -663,6 +663,7 @@ static int parse_ir_ctx_header(struct amdtp_stream *s, unsigned int cycle, } else { // Handle the cycle so that empty packet arrives. cip_header = NULL; + err = 0; *data_blocks = 0; *syt = 0; }