{"id":810242,"url":"http://patchwork.ozlabs.org/api/1.2/patches/810242/?format=json","web_url":"http://patchwork.ozlabs.org/project/netdev/patch/20170905181658.23893-1-colin.king@canonical.com/","project":{"id":7,"url":"http://patchwork.ozlabs.org/api/1.2/projects/7/?format=json","name":"Linux network development","link_name":"netdev","list_id":"netdev.vger.kernel.org","list_email":"netdev@vger.kernel.org","web_url":null,"scm_url":null,"webscm_url":null,"list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20170905181658.23893-1-colin.king@canonical.com>","list_archive_url":null,"date":"2017-09-05T18:16:58","name":"[2/2] b43legacy: fix unitialized reads of ret by initializing the array to zero","commit_ref":null,"pull_url":null,"state":"awaiting-upstream","archived":true,"hash":"e61530b23e516731fe0cc83d90e3e59b88a34767","submitter":{"id":2900,"url":"http://patchwork.ozlabs.org/api/1.2/people/2900/?format=json","name":"Colin Ian King","email":"colin.king@canonical.com"},"delegate":{"id":34,"url":"http://patchwork.ozlabs.org/api/1.2/users/34/?format=json","username":"davem","first_name":"David","last_name":"Miller","email":"davem@davemloft.net"},"mbox":"http://patchwork.ozlabs.org/project/netdev/patch/20170905181658.23893-1-colin.king@canonical.com/mbox/","series":[{"id":1623,"url":"http://patchwork.ozlabs.org/api/1.2/series/1623/?format=json","web_url":"http://patchwork.ozlabs.org/project/netdev/list/?series=1623","date":"2017-09-05T18:15:50","name":"[1/2] b43: fix unitialized reads of ret by initializing the array to zero","version":1,"mbox":"http://patchwork.ozlabs.org/series/1623/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/810242/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/810242/checks/","tags":{},"related":[],"headers":{"Return-Path":"<netdev-owner@vger.kernel.org>","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)","Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xmw0v66wKz9t16\n\tfor <patchwork-incoming@ozlabs.org>;\n\tWed,  6 Sep 2017 04:17:19 +1000 (AEST)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1752723AbdIESRG (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tTue, 5 Sep 2017 14:17:06 -0400","from youngberry.canonical.com ([91.189.89.112]:53045 \"EHLO\n\tyoungberry.canonical.com\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S1752681AbdIESRC (ORCPT\n\t<rfc822;netdev@vger.kernel.org>); Tue, 5 Sep 2017 14:17:02 -0400","from 1.general.cking.uk.vpn ([10.172.193.212] helo=localhost)\n\tby youngberry.canonical.com with esmtpsa\n\t(TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.76)\n\t(envelope-from <colin.king@canonical.com>)\n\tid 1dpIPC-00078N-Ma; Tue, 05 Sep 2017 18:16:58 +0000"],"From":"Colin King <colin.king@canonical.com>","To":"Larry Finger <Larry.Finger@lwfinger.net>,\n\tKalle Valo <kvalo@codeaurora.org>,\n\tlinux-wireless@vger.kernel.org, b43-dev@lists.infradead.org,\n\tnetdev@vger.kernel.org","Cc":"kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org","Subject":"[PATCH 2/2] b43legacy: fix unitialized reads of ret by initializing\n\tthe array to zero","Date":"Tue,  5 Sep 2017 19:16:58 +0100","Message-Id":"<20170905181658.23893-1-colin.king@canonical.com>","X-Mailer":"git-send-email 2.14.1","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"utf-8\"","Content-Transfer-Encoding":"8bit","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"<netdev.vger.kernel.org>","X-Mailing-List":"netdev@vger.kernel.org"},"content":"From: Colin Ian King <colin.king@canonical.com>\n\nThe u8 char array ret is not being initialized and elements outside\nthe range start to end contain just garbage values from the stack.\nThis results in a later scan of the array to read potentially\nuninitialized values.  Fix this by initializing the array to zero.\nThis seems to have been an issue since the very first commit.\n\nDetected by CoverityScan CID#139653 (\"Uninitialized scalar variable\")\n\nSigned-off-by: Colin Ian King <colin.king@canonical.com>\n---\n drivers/net/wireless/broadcom/b43legacy/radio.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)","diff":"diff --git a/drivers/net/wireless/broadcom/b43legacy/radio.c b/drivers/net/wireless/broadcom/b43legacy/radio.c\nindex 9501420340a9..eab1c9387846 100644\n--- a/drivers/net/wireless/broadcom/b43legacy/radio.c\n+++ b/drivers/net/wireless/broadcom/b43legacy/radio.c\n@@ -280,7 +280,7 @@ u8 b43legacy_radio_aci_detect(struct b43legacy_wldev *dev, u8 channel)\n u8 b43legacy_radio_aci_scan(struct b43legacy_wldev *dev)\n {\n \tstruct b43legacy_phy *phy = &dev->phy;\n-\tu8 ret[13];\n+\tu8 ret[13] = { 0 };\n \tunsigned int channel = phy->channel;\n \tunsigned int i;\n \tunsigned int j;\n","prefixes":["2/2"]}