drivers/block/paride/pcd.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-)
clang static analysis reports
drivers/block/paride/pcd.c:856:36: warning: The left operand of '&'
is a garbage value [core.UndefinedBinaryOperatorResult]
tocentry->cdte_ctrl = buffer[5] & 0xf;
~~~~~~~~~ ^
When the call to pcd_atapi() fails, buffer[] is in an unknown state,
so return early.
Signed-off-by: Tom Rix <trix@redhat.com>
---
drivers/block/paride/pcd.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/drivers/block/paride/pcd.c b/drivers/block/paride/pcd.c
index a5ab40784119..4524d8880463 100644
--- a/drivers/block/paride/pcd.c
+++ b/drivers/block/paride/pcd.c
@@ -827,12 +827,13 @@ static int pcd_audio_ioctl(struct cdrom_device_info *cdi, unsigned int cmd, void
char buffer[32];
int r;
- r = pcd_atapi(cd, cmd, 12, buffer, "read toc header");
+ if (pcd_atapi(cd, cmd, 12, buffer, "read toc header"))
+ return -EIO;
tochdr->cdth_trk0 = buffer[2];
tochdr->cdth_trk1 = buffer[3];
- return r ? -EIO : 0;
+ return 0;
}
case CDROMREADTOCENTRY:
@@ -845,13 +846,13 @@ static int pcd_audio_ioctl(struct cdrom_device_info *cdi, unsigned int cmd, void
struct cdrom_tocentry *tocentry =
(struct cdrom_tocentry *) arg;
unsigned char buffer[32];
- int r;
cmd[1] =
(tocentry->cdte_format == CDROM_MSF ? 0x02 : 0);
cmd[6] = tocentry->cdte_track;
- r = pcd_atapi(cd, cmd, 12, buffer, "read toc entry");
+ if (pcd_atapi(cd, cmd, 12, buffer, "read toc entry"))
+ return -EIO;
tocentry->cdte_ctrl = buffer[5] & 0xf;
tocentry->cdte_adr = buffer[5] >> 4;
@@ -866,7 +867,7 @@ static int pcd_audio_ioctl(struct cdrom_device_info *cdi, unsigned int cmd, void
(((((buffer[8] << 8) + buffer[9]) << 8)
+ buffer[10]) << 8) + buffer[11];
- return r ? -EIO : 0;
+ return 0;
}
default:
--
2.27.0On Sat, Jan 14, 2023 at 9:01 AM Tom Rix <trix@redhat.com> wrote: > > clang static analysis reports > drivers/block/paride/pcd.c:856:36: warning: The left operand of '&' > is a garbage value [core.UndefinedBinaryOperatorResult] > tocentry->cdte_ctrl = buffer[5] & 0xf; > ~~~~~~~~~ ^ > > When the call to pcd_atapi() fails, buffer[] is in an unknown state, > so return early. > > Signed-off-by: Tom Rix <trix@redhat.com> > --- > drivers/block/paride/pcd.c | 11 ++++++----- > 1 file changed, 6 insertions(+), 5 deletions(-) > > diff --git a/drivers/block/paride/pcd.c b/drivers/block/paride/pcd.c > index a5ab40784119..4524d8880463 100644 > --- a/drivers/block/paride/pcd.c > +++ b/drivers/block/paride/pcd.c > @@ -827,12 +827,13 @@ static int pcd_audio_ioctl(struct cdrom_device_info *cdi, unsigned int cmd, void > char buffer[32]; > int r; Hi Tom, Thanks for the patch! It looks like `r` is now unused; mind removing that in v2? Same below. > > - r = pcd_atapi(cd, cmd, 12, buffer, "read toc header"); > + if (pcd_atapi(cd, cmd, 12, buffer, "read toc header")) > + return -EIO; > > tochdr->cdth_trk0 = buffer[2]; > tochdr->cdth_trk1 = buffer[3]; > > - return r ? -EIO : 0; > + return 0; > } > > case CDROMREADTOCENTRY: > @@ -845,13 +846,13 @@ static int pcd_audio_ioctl(struct cdrom_device_info *cdi, unsigned int cmd, void > struct cdrom_tocentry *tocentry = > (struct cdrom_tocentry *) arg; > unsigned char buffer[32]; > - int r; ^ > > cmd[1] = > (tocentry->cdte_format == CDROM_MSF ? 0x02 : 0); > cmd[6] = tocentry->cdte_track; > > - r = pcd_atapi(cd, cmd, 12, buffer, "read toc entry"); > + if (pcd_atapi(cd, cmd, 12, buffer, "read toc entry")) > + return -EIO; > > tocentry->cdte_ctrl = buffer[5] & 0xf; > tocentry->cdte_adr = buffer[5] >> 4; > @@ -866,7 +867,7 @@ static int pcd_audio_ioctl(struct cdrom_device_info *cdi, unsigned int cmd, void > (((((buffer[8] << 8) + buffer[9]) << 8) > + buffer[10]) << 8) + buffer[11]; > > - return r ? -EIO : 0; > + return 0; > } > > default: > -- > 2.27.0 > > -- Thanks, ~Nick Desaulniers
© 2016 - 2025 Red Hat, Inc.