crypto: ensure backlog is initialised

Commit Message

Colin King April 14, 2015, 4:51 p.m. UTC

From: Colin Ian King <colin.king@canonical.com>

backlog is not initialised so in the case where
cpg->eng_st != ENGINE_IDLE it is never initialised and
hence which could lead to an illegal memory dereference
in the statement:

  backlog->complete(backlog, -EINPROGRESS);

Discovered with cppcheck static analsys:
[drivers/crypto/mv_cesa.c:616]:
   (error) Uninitialized variable: backlog

Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 drivers/crypto/mv_cesa.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Herbert Xu April 18, 2015, 11 a.m. UTC | #1

On Tue, Apr 14, 2015 at 11:51:29AM -0500, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
> 
> backlog is not initialised so in the case where
> cpg->eng_st != ENGINE_IDLE it is never initialised and
> hence which could lead to an illegal memory dereference
> in the statement:
> 
>   backlog->complete(backlog, -EINPROGRESS);
> 
> Discovered with cppcheck static analsys:
> [drivers/crypto/mv_cesa.c:616]:
>    (error) Uninitialized variable: backlog
> 
> Signed-off-by: Colin Ian King <colin.king@canonical.com>

Patch applied.

Patch

diff --git a/drivers/crypto/mv_cesa.c b/drivers/crypto/mv_cesa.c
index f91f15d..e63efbd 100644
--- a/drivers/crypto/mv_cesa.c
+++ b/drivers/crypto/mv_cesa.c
@@ -595,7 +595,7 @@  static int queue_manag(void *data)
 	cpg->eng_st = ENGINE_IDLE;
 	do {
 		struct crypto_async_request *async_req = NULL;
-		struct crypto_async_request *backlog;
+		struct crypto_async_request *backlog = NULL;
 
 		__set_current_state(TASK_INTERRUPTIBLE);