lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 2 Nov 2022 12:55:21 -0700
From:   coverity-bot <keescook@...omium.org>
To:     Jason Gunthorpe <jgg@...pe.ca>
Cc:     Jason Gunthorpe <jgg@...dia.com>,
        Nicolin Chen <nicolinc@...dia.com>,
        "Gustavo A. R. Silva" <gustavo@...eddedor.com>,
        linux-next@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Coverity: iommufd_vfio_iommu_get_info(): Code maintainability issues

Hello!

This is an experimental semi-automated report about issues detected by
Coverity from a scan of next-20221102 as part of the linux-next scan project:
https://scan.coverity.com/projects/linux-next-weekly-scan

You're getting this email because you were associated with the identified
lines of code (noted below) that were touched by commits:

  Mon Oct 31 13:37:58 2022 -0300
    32c328dc9b73 ("iommufd: vfio container FD ioctl compatibility")

Coverity reported the following:

*** CID 1527093:  Code maintainability issues  (UNUSED_VALUE)
/drivers/iommu/iommufd/vfio_compat.c: 411 in iommufd_vfio_iommu_get_info()
405     	 */
406     	if (info.argsz >= total_cap_size)
407     		info.cap_offset = sizeof(info);
408     	info.argsz = total_cap_size;
409     	info.flags |= VFIO_IOMMU_INFO_CAPS;
410     	if (copy_to_user(arg, &info, minsz))
vvv     CID 1527093:  Code maintainability issues  (UNUSED_VALUE)
vvv     Assigning value "-14" to "rc" here, but that stored value is overwritten before it can be used.
411     		rc = -EFAULT;
412     	rc = 0;
413
414     out_put:
415     	up_read(&ioas->iopt.iova_rwsem);
416     	iommufd_put_object(&ioas->obj);

If this is a false positive, please let us know so we can mark it as
such, or teach the Coverity rules to be smarter. If not, please make
sure fixes get into linux-next. :) For patches fixing this, please
include these lines (but double-check the "Fixes" first):

Reported-by: coverity-bot <keescook+coverity-bot@...omium.org>
Addresses-Coverity-ID: 1527093 ("Code maintainability issues")
Fixes: 32c328dc9b73 ("iommufd: vfio container FD ioctl compatibility")

This looks more like a "goto" is missing after the -EFAULT assignment?

Thanks for your attention!

-- 
Coverity-bot

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ