| Message ID | 20181210142532.15315-1-martink@posteo.de (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | iio: accel: mma9551_core: prevent using uninitialized variable | expand |
On Mon, 10 Dec 2018 15:25:32 +0100 Martin Kepplinger <martink@posteo.de> wrote: > mma9551_gpio_config()'s switch statement sets the uninitialized pol_mask > variable but doesn't have default settings. Said function can therefore > be called in a way to use the uninitialized variable (at least in case > enum mma9551_gpio_pin is extended with unhandled values). > > While things should be fine now, this initializes pol_mask just to prevent > failure. I'm unconvinced by this approach. Should the enum be extended and have unhandled values then the value of reg will be garbage as well. I'd much rather see the switch statement have a default with appropriate error return. Jonathan > > Signed-off-by: Martin Kepplinger <martink@posteo.de> > --- > drivers/iio/accel/mma9551_core.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/iio/accel/mma9551_core.c b/drivers/iio/accel/mma9551_core.c > index c34c5ce8123b..2fc79b14888b 100644 > --- a/drivers/iio/accel/mma9551_core.c > +++ b/drivers/iio/accel/mma9551_core.c > @@ -539,7 +539,8 @@ EXPORT_SYMBOL(mma9551_update_config_bits); > int mma9551_gpio_config(struct i2c_client *client, enum mma9551_gpio_pin pin, > u8 app_id, u8 bitnum, int polarity) > { > - u8 reg, pol_mask, pol_val; > + u8 reg, pol_val; > + u8 pol_mask = 0; > int ret; > > if (pin > mma9551_gpio_max) {
diff --git a/drivers/iio/accel/mma9551_core.c b/drivers/iio/accel/mma9551_core.c index c34c5ce8123b..2fc79b14888b 100644 --- a/drivers/iio/accel/mma9551_core.c +++ b/drivers/iio/accel/mma9551_core.c @@ -539,7 +539,8 @@ EXPORT_SYMBOL(mma9551_update_config_bits); int mma9551_gpio_config(struct i2c_client *client, enum mma9551_gpio_pin pin, u8 app_id, u8 bitnum, int polarity) { - u8 reg, pol_mask, pol_val; + u8 reg, pol_val; + u8 pol_mask = 0; int ret; if (pin > mma9551_gpio_max) {
mma9551_gpio_config()'s switch statement sets the uninitialized pol_mask variable but doesn't have default settings. Said function can therefore be called in a way to use the uninitialized variable (at least in case enum mma9551_gpio_pin is extended with unhandled values). While things should be fine now, this initializes pol_mask just to prevent failure. Signed-off-by: Martin Kepplinger <martink@posteo.de> --- drivers/iio/accel/mma9551_core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)