This code causes a static checker bug.
drivers/net/wireless/ralink/rt2x00/rt2500usb.c:232 _rt2500usb_register_read()
warn: passing casted pointer 'value' to 'rt2500usb_register_read()' 32 vs 16.
If the low 16 bits were initialized to zero then this code would only be
a problem on big endian systems. But in this case this is case the low
16 bits are never initialized. This is called from a function which is
created using a macro:
RT2X00DEBUGFS_OPS(csr, "0x%.8x\n", u32);
We end up copying uninitialized data to the user which is bogus and an
information leak.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
const unsigned int offset,
u32 *value)
{
- rt2500usb_register_read(rt2x00dev, offset, (u16 *)value);
+ u16 tmp;
+
+ rt2500usb_register_read(rt2x00dev, offset, &tmp);
+ *value = tmp;
}
static void _rt2500usb_register_write(struct rt2x00_dev *rt2x00dev,