This patch resolves the following smatch issues:
wl_cfg80211.c +1377 brcmf_cfg80211_connect(65) warn: min_t truncates
here '(sme->ssid_len)' (
4294967295 vs
9223372036854775807)
dhd_sdio.c +1275 brcmf_sdbrcm_rxglom(156) warn: min_t truncates here
'(pfirst->len)' (
2147483647 vs
4294967295)
dhd_sdio.c +1457 brcmf_sdbrcm_rxglom(338) warn: min_t truncates here
'(pfirst->len)' (
2147483647 vs
4294967295)
bcmsdh_sdmmc.c +300 brcmf_sdioh_request_buffer(10) warn: variable
dereferenced before check 'pkt' (see line 295)
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Reviewed-by: Franky (Zhenhui) Lin <frankyl@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
struct sk_buff *pkt)
{
int status;
- uint pkt_len = pkt->len;
+ uint pkt_len;
bool fifo = (fix_inc == SDIOH_DATA_FIX);
brcmf_dbg(TRACE, "Enter\n");
if (pkt == NULL)
return -EINVAL;
+ pkt_len = pkt->len;
brcmf_pm_resume_wait(sdiodev, &sdiodev->request_buffer_wait);
if (brcmf_pm_resume_error(sdiodev))
memset(&join_params, 0, sizeof(join_params));
join_params_size = sizeof(join_params.ssid_le);
- ssid.SSID_len = min_t(u32, sizeof(ssid.SSID), sme->ssid_len);
+ ssid.SSID_len = min_t(u32, sizeof(ssid.SSID), (u32)sme->ssid_len);
memcpy(&join_params.ssid_le.SSID, sme->ssid, ssid.SSID_len);
memcpy(&ssid.SSID, sme->ssid, ssid.SSID_len);
join_params.ssid_le.SSID_len = cpu_to_le32(ssid.SSID_len);