Message ID | 20150108100708.GA10597@mwanda (mailing list archive) |
---|---|
State | Accepted, archived |
Delegated to: | Hans Verkuil |
Headers |
Received: from mail.tu-berlin.de ([130.149.7.33]) by www.linuxtv.org with esmtp (Exim 4.72) (envelope-from <linux-media-owner@vger.kernel.org>) id 1Y9A0E-00053y-MZ; Thu, 08 Jan 2015 11:07:42 +0100 X-tubIT-Incoming-IP: 209.132.180.67 Received: from vger.kernel.org ([209.132.180.67]) by mail.tu-berlin.de (exim-4.72/mailfrontend-6) with esmtp id 1Y9A0C-0002yp-4D; Thu, 08 Jan 2015 11:07:42 +0100 Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756197AbbAHKHh (ORCPT <rfc822;mkrufky@linuxtv.org> + 1 other); Thu, 8 Jan 2015 05:07:37 -0500 Received: from userp1040.oracle.com ([156.151.31.81]:47553 "EHLO userp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752756AbbAHKHg (ORCPT <rfc822; linux-media@vger.kernel.org>); Thu, 8 Jan 2015 05:07:36 -0500 Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id t08A7L6M010917 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 8 Jan 2015 10:07:22 GMT Received: from aserz7022.oracle.com (aserz7022.oracle.com [141.146.126.231]) by ucsinet22.oracle.com (8.14.5+Sun/8.14.5) with ESMTP id t08A7JJ1008116 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Thu, 8 Jan 2015 10:07:20 GMT Received: from abhmp0004.oracle.com (abhmp0004.oracle.com [141.146.116.10]) by aserz7022.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id t08A7JdR029280; Thu, 8 Jan 2015 10:07:19 GMT Received: from mwanda (/154.0.139.178) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 08 Jan 2015 02:07:19 -0800 Date: Thu, 8 Jan 2015 13:07:08 +0300 From: Dan Carpenter <dan.carpenter@oracle.com> To: Philipp Zabel <p.zabel@pengutronix.de> Cc: Mauro Carvalho Chehab <mchehab@osg.samsung.com>, Grant Likely <grant.likely@linaro.org>, Rob Herring <robh+dt@kernel.org>, linux-media@vger.kernel.org, kernel-janitors@vger.kernel.org Subject: [patch] [media] coda: improve safety in coda_register_device() Message-ID: <20150108100708.GA10597@mwanda> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-Source-IP: ucsinet22.oracle.com [156.151.31.94] Sender: linux-media-owner@vger.kernel.org Precedence: bulk List-ID: <linux-media.vger.kernel.org> X-Mailing-List: linux-media@vger.kernel.org X-PMX-Version: 6.0.0.2142326, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2015.1.8.95719 X-PMX-Spam: Gauge=IIIIIIIII, Probability=9%, Report=' MULTIPLE_RCPTS 0.1, HTML_00_01 0.05, HTML_00_10 0.05, MSGID_ADDED_BY_MTA 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1300_1399 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, INVALID_MSGID_NO_FQDN 0, URI_ENDS_IN_HTML 0, __ANY_URI 0, __CD 0, __CP_URI_IN_BODY 0, __CT 0, __CT_TEXT_PLAIN 0, __DATE_TZ_RU 0, __HAS_FROM 0, __HAS_MSGID 0, __HAS_X_MAILING_LIST 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __MULTIPLE_RCPTS_CC_X2 0, __SANE_MSGID 0, __TO_MALFORMED_2 0, __URI_NO_WWW 0, __URI_NS , __USER_AGENT 0' |
Commit Message
Dan Carpenter
Jan. 8, 2015, 10:07 a.m. UTC
The "i" variable is used as an offset into both the dev->vfd[] and the
dev->devtype->vdevs[] arrays. The second array is smaller so we should
use that as a limit instead of ARRAY_SIZE(dev->vfd). Also the original
check was off by one.
We should use a format string as well in case the ->name has any funny
characters and also to stop static checkers from complaining.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-media" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Comments
Am 08.01.2015 11:07, schrieb Dan Carpenter: > The "i" variable is used as an offset into both the dev->vfd[] and the > dev->devtype->vdevs[] arrays. The second array is smaller so we should > use that as a limit instead of ARRAY_SIZE(dev->vfd). Also the original > check was off by one. > > We should use a format string as well in case the ->name has any funny > characters and also to stop static checkers from complaining. > > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> > > diff --git a/drivers/media/platform/coda/coda-common.c b/drivers/media/platform/coda/coda-common.c > index 39330a7..5dd6cae 100644 > --- a/drivers/media/platform/coda/coda-common.c > +++ b/drivers/media/platform/coda/coda-common.c > @@ -1844,10 +1844,11 @@ static int coda_register_device(struct coda_dev *dev, int i) > { > struct video_device *vfd = &dev->vfd[i]; > > - if (i > ARRAY_SIZE(dev->vfd)) > + if (i >= dev->devtype->num_vdevs) > return -EINVAL; hi, just a minor question. if i can not be trusted, i feel you should move the array access: struct video_device *vfd = &dev->vfd[i]; after the check i >= dev->devtype->num_vdevs at least that would improve the readability by not trigger my internal alarm "check after access" re, wh > - snprintf(vfd->name, sizeof(vfd->name), dev->devtype->vdevs[i]->name); > + snprintf(vfd->name, sizeof(vfd->name), "%s", > + dev->devtype->vdevs[i]->name); > vfd->fops = &coda_fops; > vfd->ioctl_ops = &coda_ioctl_ops; > vfd->release = video_device_release_empty, > -- > To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, Jan 08, 2015 at 12:04:20PM +0100, walter harms wrote: > > @@ -1844,10 +1844,11 @@ static int coda_register_device(struct coda_dev *dev, int i) > > { > > struct video_device *vfd = &dev->vfd[i]; > > > > - if (i > ARRAY_SIZE(dev->vfd)) > > + if (i >= dev->devtype->num_vdevs) > > return -EINVAL; > > hi, > just a minor question. if i can not be trusted, i feel you should move the > array access: > struct video_device *vfd = &dev->vfd[i]; > after the check > i >= dev->devtype->num_vdevs > at least that would improve the readability by not trigger my internal alarm > "check after access" The "access" is just taking the address, not dereferencing so it's ok. This kind of code is fairly common and CodingStyle doesn't have an opinion here so I left it how the original author wrote it. regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/media/platform/coda/coda-common.c b/drivers/media/platform/coda/coda-common.c index 39330a7..5dd6cae 100644 --- a/drivers/media/platform/coda/coda-common.c +++ b/drivers/media/platform/coda/coda-common.c @@ -1844,10 +1844,11 @@ static int coda_register_device(struct coda_dev *dev, int i) { struct video_device *vfd = &dev->vfd[i]; - if (i > ARRAY_SIZE(dev->vfd)) + if (i >= dev->devtype->num_vdevs) return -EINVAL; - snprintf(vfd->name, sizeof(vfd->name), dev->devtype->vdevs[i]->name); + snprintf(vfd->name, sizeof(vfd->name), "%s", + dev->devtype->vdevs[i]->name); vfd->fops = &coda_fops; vfd->ioctl_ops = &coda_ioctl_ops; vfd->release = video_device_release_empty,