From 0e8428d26ffd80789aa83442676e6fb800e9c0ff Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Thu, 23 Jan 2020 14:07:01 +0100 Subject: tools/syz-check: add limited checking of varlen structs Stop at the fist varlen field, but check the preceeding ones. Frequently the varlen array is the last field, so we should get good checking for these cases. Update #590 --- sys/linux/vusb.txt.warn | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'sys/linux/vusb.txt.warn') diff --git a/sys/linux/vusb.txt.warn b/sys/linux/vusb.txt.warn index a30c68a5c..d8dfed46e 100644 --- a/sys/linux/vusb.txt.warn +++ b/sys/linux/vusb.txt.warn @@ -13,6 +13,13 @@ compiler: len target caps refer to an array with variable-size elements (do you no-such-struct: usb_wireless_cap_descriptor bad-field-number: usb_ext_cap_descriptor: syz=7 kernel=4 bad-bitfield: usb_ext_cap_descriptor.bmAttributes1/bmAttributes: size/offset: syz=8/0 kernel=0/0 +bad-bitfield: usb_ssp_cap_descriptor.bmAttributesSublinkSpeeds/bmAttributes: size/offset: syz=5/0 kernel=0/0 +bad-bitfield: usb_ssp_cap_descriptor.bmAttributesSpeedIDs/wFunctionalitySupport: size/offset: syz=27/5 kernel=0/0 +bad-field-offset: usb_ssp_cap_descriptor.bmAttributesSpeedIDs/wFunctionalitySupport: syz=4 kernel=8 +bad-field-size: usb_ssp_cap_descriptor.bmAttributesSpeedIDs/wFunctionalitySupport: syz=4 kernel=2 +bad-field-offset: usb_ssp_cap_descriptor.wFunctionalitySupport/wReserved: syz=8 kernel=10 +bad-field-offset: usb_ssp_cap_descriptor.wReserved/bmSublinkSpeedAttr: syz=10 kernel=12 +bad-field-size: usb_ssp_cap_descriptor.wReserved/bmSublinkSpeedAttr: syz=2 kernel=4 no-such-struct: usb_hub_descriptor_hs no-such-struct: usb_hub_descriptor_ss no-such-struct: usb_endpoint_descriptor_hid_in -- cgit mrf-deployment