2022-08-03 02:00:21

by Sebin Sebastian

Subject: [PATCH -next] rtc: synqmp: uninitialized variable error

fract_tick is uninitialized and can lead to uninitialized read which can
result in any arbitrary value from previous computations. If the code
flow doesn't execute the `if (fract_offset > (tick_mult /
RTC_FR_MAX_TICKS)) { ` block, fract_tick is left uninitialized.
Initializing with zero fixes the issue.

Signed-off-by: Sebin Sebastian <[email protected]>
---
drivers/rtc/rtc-zynqmp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/rtc/rtc-zynqmp.c b/drivers/rtc/rtc-zynqmp.c
index 1dd389b891fe..c9b85c838ebe 100644
--- a/drivers/rtc/rtc-zynqmp.c
+++ b/drivers/rtc/rtc-zynqmp.c
@@ -203,7 +203,7 @@ static int xlnx_rtc_set_offset(struct device *dev, long offset)
struct xlnx_rtc_dev *xrtcdev = dev_get_drvdata(dev);
unsigned long long rtc_ppb = RTC_PPB;
unsigned int tick_mult = do_div(rtc_ppb, xrtcdev->freq);
- unsigned char fract_tick;
+ unsigned char fract_tick = 0;
unsigned int calibval;
short int max_tick;
int fract_offset;
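Review bot: on the `unsigned char fract_tick = 0;` declaration, a blanket initializer silences the warning but also hides any later path that forgets to assign the variable. Consider assigning zero explicitly on the path where the `if (fract_offset > (tick_mult / RTC_FR_MAX_TICKS))` block is skipped, so the compiler's uninitialized-use diagnostics stay useful. The commit message should also say why zero is the correct fractional tick value for that path, rather than only that it avoids the uninitialized read, and how the problem was found (compiler warning or static checker). The subject prefix reads "synqmp" while the file touched is rtc-zynqmp.c.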
--
2.34.1



2022-08-03 05:49:28

by Michal Simek

Subject: Re: [PATCH -next] rtc: synqmp: uninitialized variable error

Hi,

On 8/3/22 03:31, Sebin Sebastian wrote:
>
> fract_tick is uninitialized and can lead to uninitialized read which can
> result in any arbitrary value from previous computations. If the code
> flow doesn't execute the `if (fract_offset > (tick_mult /
> RTC_FR_MAX_TICKS)) { ` block, fract_tick is left uninitialized.
> Initializing with zero fixes the issue.
>
> Signed-off-by: Sebin Sebastian <[email protected]>
> ---
> drivers/rtc/rtc-zynqmp.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/rtc/rtc-zynqmp.c b/drivers/rtc/rtc-zynqmp.c
> index 1dd389b891fe..c9b85c838ebe 100644
> --- a/drivers/rtc/rtc-zynqmp.c
> +++ b/drivers/rtc/rtc-zynqmp.c
> @@ -203,7 +203,7 @@ static int xlnx_rtc_set_offset(struct device *dev, long offset)
> struct xlnx_rtc_dev *xrtcdev = dev_get_drvdata(dev);
> unsigned long long rtc_ppb = RTC_PPB;
> unsigned int tick_mult = do_div(rtc_ppb, xrtcdev->freq);
> - unsigned char fract_tick;
> + unsigned char fract_tick = 0;
> unsigned int calibval;
> short int max_tick;
> int fract_offset;
> --
> 2.34.1
>

Alexandre already sent the patch for it here.

https://lore.kernel.org/r/[email protected]

Thanks,
Michal