| Message ID | 20160414093917.GA16891@mwanda (mailing list archive) |
|---|---|
| State | Superseded, archived |
| Headers | show |
On 04/14/2016 02:39 AM, Dan Carpenter wrote: > It's possible to use "err" without initializing it. If it happens to be > a 2 which is SCSI_DH_RETRY then that could cause a bug. > > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> > > diff --git a/drivers/scsi/device_handler/scsi_dh_alua.c b/drivers/scsi/device_handler/scsi_dh_alua.c > index 8eaed05..f3c994f 100644 > --- a/drivers/scsi/device_handler/scsi_dh_alua.c > +++ b/drivers/scsi/device_handler/scsi_dh_alua.c > @@ -513,7 +513,8 @@ static int alua_rtpg(struct scsi_device *sdev, struct alua_port_group *pg) > struct alua_port_group *tmp_pg; > int len, k, off, valid_states = 0, bufflen = ALUA_RTPG_SIZE; > unsigned char *desc, *buff; > - unsigned err, retval; > + unsigned int err = 0; > + unsigned int retval; > unsigned int tpg_desc_tbl_off; > unsigned char orig_transition_tmo; > unsigned long flags; Hello Dan, The code that uses the 'err' variable occurs in a loop. I think the initialization of 'err' should occur after the "retry:" label. Bart. -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, Apr 14, 2016 at 08:45:18AM -0700, Bart Van Assche wrote: > On 04/14/2016 02:39 AM, Dan Carpenter wrote: > >It's possible to use "err" without initializing it. If it happens to be > >a 2 which is SCSI_DH_RETRY then that could cause a bug. > > > >Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> > > > >diff --git a/drivers/scsi/device_handler/scsi_dh_alua.c b/drivers/scsi/device_handler/scsi_dh_alua.c > >index 8eaed05..f3c994f 100644 > >--- a/drivers/scsi/device_handler/scsi_dh_alua.c > >+++ b/drivers/scsi/device_handler/scsi_dh_alua.c > >@@ -513,7 +513,8 @@ static int alua_rtpg(struct scsi_device *sdev, struct alua_port_group *pg) > > struct alua_port_group *tmp_pg; > > int len, k, off, valid_states = 0, bufflen = ALUA_RTPG_SIZE; > > unsigned char *desc, *buff; > >- unsigned err, retval; > >+ unsigned int err = 0; > >+ unsigned int retval; > > unsigned int tpg_desc_tbl_off; > > unsigned char orig_transition_tmo; > > unsigned long flags; > > Hello Dan, > > The code that uses the 'err' variable occurs in a loop. I think the > initialization of 'err' should occur after the "retry:" label. It looks like you're right. I'll resend. I don't know this code very well, obviously and it's a static checker fix not something I have tested. regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/scsi/device_handler/scsi_dh_alua.c b/drivers/scsi/device_handler/scsi_dh_alua.c index 8eaed05..f3c994f 100644 --- a/drivers/scsi/device_handler/scsi_dh_alua.c +++ b/drivers/scsi/device_handler/scsi_dh_alua.c @@ -513,7 +513,8 @@ static int alua_rtpg(struct scsi_device *sdev, struct alua_port_group *pg) struct alua_port_group *tmp_pg; int len, k, off, valid_states = 0, bufflen = ALUA_RTPG_SIZE; unsigned char *desc, *buff; - unsigned err, retval; + unsigned int err = 0; + unsigned int retval; unsigned int tpg_desc_tbl_off; unsigned char orig_transition_tmo; unsigned long flags;
It's possible to use "err" without initializing it. If it happens to be a 2 which is SCSI_DH_RETRY then that could cause a bug. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html