On Wed, Oct 02, 2019 at 08:41:03PM +0300, Denis Efremov wrote: > The result variable in prism2_connect() can be used uninitialized on path > !channel --> ... --> is_wep --> sme->key --> sme->key_idx >= NUM_WEPKEYS. > This patch initializes result with 0. > > Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> > Cc: stable@xxxxxxxxxxxxxxx > Signed-off-by: Denis Efremov <efremov@xxxxxxxxx> > --- > drivers/staging/wlan-ng/cfg80211.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/staging/wlan-ng/cfg80211.c b/drivers/staging/wlan-ng/cfg80211.c > index eee1998c4b18..d426905e187e 100644 > --- a/drivers/staging/wlan-ng/cfg80211.c > +++ b/drivers/staging/wlan-ng/cfg80211.c > @@ -441,7 +441,7 @@ static int prism2_connect(struct wiphy *wiphy, struct net_device *dev, > int chan = -1; > int is_wep = (sme->crypto.cipher_group == WLAN_CIPHER_SUITE_WEP40) || > (sme->crypto.cipher_group == WLAN_CIPHER_SUITE_WEP104); > - int result; > + int result = 0; > int err = 0; > I can't see any reason why we should have both "err" and "result". Maybe in olden times "result" used to save positive error codes instead of negative error codes but now it's just negatives and zero on success. There is no reason for the exit label either, we could just return directly. So could you redo it and get rid of "result" entirely? Otherwise it just causes more bugs like this. regards, dan carpenter _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
