From: Kuan-Wei Chiu <visitorckw@gmail.com>
To: Tanya Agarwal <tanyaagarwal25699@gmail.com>
Cc: paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com,
kees@kernel.org, yuehaibing@huawei.com,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, matthewgarrett@google.com,
skhan@linuxfoundation.org, anupnewsmail@gmail.com
Subject: Re: [PATCH V3] lockdown: Initialize array before use
Date: Sun, 5 Jan 2025 18:42:10 +0800
Message-ID: <Z3piAiLGWgsegpy6@visitorckw-System-Product-Name>
In-Reply-To: <20250105070537.58334-1-tanyaagarwal25699@gmail.com>

Hi Tanya,

On Sun, Jan 05, 2025 at 12:35:38PM +0530, Tanya Agarwal wrote:
> From: Tanya Agarwal <tanyaagarwal25699@gmail.com>
>
> The static code analysis tool "Coverity Scan" pointed the following
> details out for further development considerations:
> CID 1486102: Uninitialized scalar variable (UNINIT)
> uninit_use_in_call: Using uninitialized value *temp when calling
> strlen.
>
> Conclusion:
> Initialize array before use in lockdown_read() to satisfy the static
> analyzer.
>
> Fixes: 000d388ed3bb ("security: Add a static lockdown policy LSM")
> Signed-off-by: Tanya Agarwal <tanyaagarwal25699@gmail.com>

I don't believe this is a real bug. The lockdown_reasons array is a
non-empty constant, so temp is guaranteed to be written to by sprintf
before being passed to strlen.

When submitting patches in the future, could you also include an
analysis of the conditions that might lead to the bug, along with the
coverity scan report?

Regards,
Kuan-Wei
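
The pattern under discussion, as an added userspace example that is not code from this thread or from the kernel tree: the table, the function names and the buffer sizes are constructed assumptions. It puts the shape a checker reports as UNINIT beside the same routine with the array initialized and its writes bounded.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample table: a userspace stand-in, not the kernel's data. */
static const char *const sample_labels[] = { "none", "integrity", "confidentiality" };

/* Flagged shape: temp is written only inside the loop, under a condition, so a
 * checker sees a path to strlen() with temp untouched. This example assumes
 * callers pass a table with at least one non-NULL entry and an 80-byte out. */
size_t render_flagged(char *out, const char *const *tbl, size_t n, size_t active)
{
    char temp[80];
    int offset = 0;

    for (size_t i = 0; i < n; i++)
        if (tbl[i])
            offset += sprintf(temp + offset, i == active ? "[%s] " : "%s ", tbl[i]);
    if (offset > 0)
        temp[offset - 1] = '\n';   /* last space becomes a newline */
    memcpy(out, temp, strlen(temp) + 1);
    return strlen(out);
}

/* Same routine with the array initialized and the writes bounded: an empty or
 * all-NULL table yields an empty string instead of an indeterminate read. */
size_t render_initialized(char *out, const char *const *tbl, size_t n, size_t active)
{
    char temp[80] = "";
    size_t offset = 0;

    for (size_t i = 0; i < n; i++) {
        int w = tbl[i] ? snprintf(temp + offset, sizeof(temp) - offset,
                                  i == active ? "[%s] " : "%s ", tbl[i]) : 0;
        if (w < 0 || (size_t)w >= sizeof(temp) - offset) {
            temp[offset] = '\0';   /* drop the partial entry and stop */
            break;
        }
        offset += (size_t)w;
    }
    if (offset > 0)
        temp[offset - 1] = '\n';
    memcpy(out, temp, strlen(temp) + 1);
    return strlen(out);
}

int main(void)
{
    char buf[80];
    render_initialized(buf, sample_labels, 3, 1);
    return fputs(buf, stdout) < 0;
}
```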