<div dir="ltr">Hi All:<div>I just found a bug in the cramfs using the static analysis tool, but I am not sure if this could happen in reality. Could you<span class="gmail-Apple-converted-space"> </span><span class="gmail-il">please</span><span class="gmail-Apple-converted-space"> </span><span class="gmail-il">advise</span> here? Thanks for your attention : )</div><div><br></div><div><span style="color:rgb(0,0,0);font-family:Arial;font-size:13px;white-space:pre-wrap">In function </span><span style="color:rgb(0,0,0);font-family:Arial;font-size:13px;white-space:pre-wrap">enable_stream_features(), the variable</span><font face="arial, sans-serif"><span style="color:rgb(0,0,0);white-space:pre-wrap"> "</span><span class="gmail-n" style="color:rgb(0,0,0);box-sizing:inherit">old_downspread</span><span class="gmail-p" style="box-sizing:inherit;color:rgb(102,102,102)">.</span><span class="gmail-n" style="color:rgb(0,0,0);box-sizing:inherit"><a href="https://elixir.bootlin.com/linux/v4.18-rc1/source/drivers/gpu/drm/amd/display/dc/core/v4.18-rc1/C/ident/raw" style="box-sizing:inherit;text-decoration-skip:objects;color:inherit;text-decoration:none;background-image:linear-gradient(rgba(0,0,0,0) 10%,rgb(244,246,255) 10%,rgb(244,246,255) 90%,rgba(0,0,0,0) 90%);border-top-left-radius:0.2em;border-top-right-radius:0.2em;border-bottom-right-radius:0.2em;border-bottom-left-radius:0.2em">raw</a></span><span style="color:rgb(0,0,0);white-space:pre-wrap">" </span></font><span style="font-size:13px;color:rgb(0,0,0);font-family:Arial;white-space:pre-wrap">could be uninitialized if core_link_read_dpcd() fails; however, it is used in the later if statement, and further, core_link_write_dpcd() may write </span><span style="color:rgb(0,0,0);font-family:Arial;font-size:13px;white-space:pre-wrap">a random value, which is potentially unsafe. 
But this function does not return the error code to the upper caller, and I got stuck drafting the patch. Could you please advise me here?</span></div><div><span style="color:rgb(0,0,0);font-family:Arial;font-size:13px;white-space:pre-wrap"><br></span></div><div><span style="color:rgb(0,0,0);font-family:Arial;font-size:13px;white-space:pre-wrap">The related code:</span></div><div><pre style="color:rgb(51,51,51);margin-top:0px;margin-bottom:0px;line-height:16.25px">static void enable_stream_features(struct pipe_ctx *pipe_ctx)
{
union down_spread_ctrl old_downspread;
core_link_read_dpcd(link, DP_DOWNSPREAD_CTRL,
&old_downspread.raw, sizeof(old_downspread));</pre><pre style="margin-top:0px;margin-bottom:0px;line-height:16.25px"><span style="color:rgb(51,51,51)">
//<span style="font-family:Arial,Helvetica,sans-serif">old_downspread.raw</span>
<span style="color:rgb(0,136,0);font-weight:bold">if</span> (new_downspread.raw != old_downspread.raw) {
core_link_write_dpcd(link, DP_DOWNSPREAD_CTRL,
&new_downspread.raw, sizeof(new_downspread));
}
}
enum dc_status core_link_read_dpcd(
struct dc_link *link,
uint32_t address,
uint8_t *data,
uint32_t size)
{
//data could be uninitialized</span><font color="#333333"> if the helper fails and logs some error info</font></pre><pre style="margin-top:0px;margin-bottom:0px;line-height:16.25px"><font color="#333333"> </font><span style="color:rgb(0,136,0);font-weight:bold">if</span><font color="#333333"> (</font><font color="#333333">!dm_helpers_dp_read_dpcd(link->ctx,
link,
address, data, size))
</font><span style="color:rgb(0,136,0);font-weight:bold">return</span><font color="#333333"> DC_ERROR_UNEXPECTED;
</font><span style="color:rgb(0,136,0);font-weight:bold">return</span><font color="#333333"> DC_OK;
}</font></pre></div><div><br></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><span style="font-size:14px">Kind Regards,</span><div style="font-size:14px"><br><div><font face="arial, helvetica, sans-serif" size="2"><b>Yizhuo Zhai</b></font></div></div><div style="font-size:14px"><br></div><div style="font-size:14px"><b>Computer Science, Graduate Student</b></div><div style="font-size:14px"><b>University of California, Riverside </b></div></div></div></div>
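
The read-compare-write pattern from the message above, as an added example that is not part of the original post and is not the amdgpu driver's code: the local is zero-initialized and the read status is checked before the value is compared or a write is issued. `struct fake_link`, `read_dpcd`, `write_dpcd` and `update_downspread` are hypothetical stand-ins, and skipping the update on a failed read is an assumption about the desired handling.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins for the driver types; not the amdgpu definitions. */
enum dc_status { DC_OK, DC_ERROR_UNEXPECTED };
union down_spread_ctrl { uint8_t raw; };

struct fake_link {        /* hypothetical test double for struct dc_link */
    int     read_fails;   /* simulate a failed DPCD read */
    uint8_t dpcd_value;   /* register content held by the sink */
    int     writes;       /* number of DPCD writes issued */
};

static enum dc_status read_dpcd(struct fake_link *l, uint8_t *data)
{
    if (l->read_fails)
        return DC_ERROR_UNEXPECTED;   /* *data is left untouched */
    *data = l->dpcd_value;
    return DC_OK;
}

static void write_dpcd(struct fake_link *l, const uint8_t *data)
{
    l->dpcd_value = *data;
    l->writes++;
}

/* Returns 1 if the register was written, 0 if unchanged, -1 if the read failed. */
int update_downspread(struct fake_link *l, uint8_t wanted)
{
    union down_spread_ctrl old_downspread = { 0 };  /* defined even on failure */
    union down_spread_ctrl new_downspread = { .raw = wanted };

    if (read_dpcd(l, &old_downspread.raw) != DC_OK)
        return -1;   /* assumption: skip the update rather than act on unread data */
    if (new_downspread.raw == old_downspread.raw)
        return 0;
    write_dpcd(l, &new_downspread.raw);
    return 1;
}

int main(void)
{
    struct fake_link l = { .read_fails = 1, .dpcd_value = 0x10 };
    int rc = update_downspread(&l, 0x00);
    printf("read fails: rc=%d writes=%d\n", rc, l.writes);
    return 0;
}
```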