2022-01-13 14:51:24

by Íñigo Huguet

[permalink] [raw]
Subject: [PATCH] rtw89: fix maybe uninitialized `qempty` variable

Call to dle_dfi_qempty might fail, leaving qempty.qempty untouched, which
is latter used to control the for loop. If that happens, it's not
initialized anywhere.

Initialize it so the loop doesn't iterate unless it's modified by the
call to dle_dfi_qempty.

Signed-off-by: Íñigo Huguet <[email protected]>
---
drivers/net/wireless/realtek/rtw89/mac.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/drivers/net/wireless/realtek/rtw89/mac.c b/drivers/net/wireless/realtek/rtw89/mac.c
index afcd07ab1de7..9f73a2303e90 100644
--- a/drivers/net/wireless/realtek/rtw89/mac.c
+++ b/drivers/net/wireless/realtek/rtw89/mac.c
@@ -172,6 +172,7 @@ static void rtw89_mac_dump_qta_lost(struct rtw89_dev *rtwdev)

qempty.dle_type = DLE_CTRL_TYPE_PLE;
qempty.grpsel = 0;
+ qempty.qempty = ~(u32)0;
ret = dle_dfi_qempty(rtwdev, &qempty);
if (ret)
rtw89_warn(rtwdev, "%s: query DLE fail\n", __func__);
--
2.31.1


2022-01-14 14:38:49

by Ping-Ke Shih

[permalink] [raw]
Subject: RE: [PATCH] rtw89: fix maybe uninitialized `qempty` variable


> -----Original Message-----
> From: Íñigo Huguet <[email protected]>
> Sent: Thursday, January 13, 2022 5:43 PM
> To: [email protected]
> Cc: Pkshih <[email protected]>; [email protected]; Íñigo Huguet <[email protected]>
> Subject: [PATCH] rtw89: fix maybe uninitialized `qempty` variable
>
> Call to dle_dfi_qempty might fail, leaving qempty.qempty untouched, which
> is latter used to control the for loop. If that happens, it's not
> initialized anywhere.
>
> Initialize it so the loop doesn't iterate unless it's modified by the
> call to dle_dfi_qempty.
>
> Signed-off-by: Íñigo Huguet <[email protected]>

Acked-by: Ping-Ke Shih <[email protected]>

[...]

2022-01-31 11:14:16

by Kalle Valo

[permalink] [raw]
Subject: Re: [PATCH] rtw89: fix maybe uninitialized `qempty` variable

Íñigo Huguet <[email protected]> wrote:

> Call to dle_dfi_qempty might fail, leaving qempty.qempty untouched, which
> is latter used to control the for loop. If that happens, it's not
> initialized anywhere.
>
> Initialize it so the loop doesn't iterate unless it's modified by the
> call to dle_dfi_qempty.
>
> Signed-off-by: Íñigo Huguet <[email protected]>
> Acked-by: Ping-Ke Shih <[email protected]>

Patch applied to wireless-next.git, thanks.

89e4a00ff3c0 rtw89: fix maybe uninitialized `qempty` variable

--
https://patchwork.kernel.org/project/linux-wireless/patch/[email protected]/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches