[PATCH 0/5] UBI: Coverity-inspired fixes
Brian Norris
computersforpeace at gmail.com
Thu Mar 5 18:04:42 PST 2015
On Thu, Mar 05, 2015 at 11:33:14AM +0100, Richard Weinberger wrote:
> Brian,
>
> Am 28.02.2015 um 11:23 schrieb Brian Norris:
> > Except for the last one, these were inspired by Coverity Scan results.
> >
> > These fixes have barely been tested, but they are pretty straightforward
> > logically. As they've been sitting in my dust pile too long, I thought I'd at
> > least get them out there.
> >
> > Brian Norris (5):
> > UBI: account for bitflips in both the VID header and data
> > UBI: fix out of bounds write
> > UBI: initialize LEB number variable
> > UBI: fix check for "too many bytes"
> > UBI: align comment for readability
>
> Nice work!
> I'll test them later today.
> Just a quick question, no patch has a stable tag, is this by design?
> From a first look most of them look like stable material.
Two reasons:
1. I hadn't tested them heavily, and I definitely didn't try to target
their codepaths much.
2. Given #1 and the fact that these were just found by static analysis,
I don't think they pass this test from
Documentation/stable_kernel_rules.txt:
" - It must fix a real bug that bothers people (not a, "This could be a
problem..." type thing)."
So, I expected they would only be sent to stable if somebody (perhaps
me) is able to trigger something real, or at least gets some significant
testing on them.
Maybe this is a case where you send the fixes, and then send the commit
IDs to Greg after they have been proven stable and/or can be exploited
in some way through testing. (Option 2 in the updated
stable_kernel_rules.txt.)
But really, it's your/Artem's call.
Brian
More information about the linux-mtd
mailing list