lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 2 Nov 2022 17:06:00 -0300
From:   Jason Gunthorpe <jgg@...dia.com>
To:     coverity-bot <keescook@...omium.org>
Cc:     Nicolin Chen <nicolinc@...dia.com>,
        "Gustavo A. R. Silva" <gustavo@...eddedor.com>,
        linux-next@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: Coverity: iommufd_vfio_iommu_get_info(): Code maintainability
 issues

On Wed, Nov 02, 2022 at 12:55:21PM -0700, coverity-bot wrote:

> /drivers/iommu/iommufd/vfio_compat.c: 411 in iommufd_vfio_iommu_get_info()
> 405     	 */
> 406     	if (info.argsz >= total_cap_size)
> 407     		info.cap_offset = sizeof(info);
> 408     	info.argsz = total_cap_size;
> 409     	info.flags |= VFIO_IOMMU_INFO_CAPS;
> 410     	if (copy_to_user(arg, &info, minsz))
> vvv     CID 1527093:  Code maintainability issues  (UNUSED_VALUE)
> vvv     Assigning value "-14" to "rc" here, but that stored value is overwritten before it can be used.
> 411     		rc = -EFAULT;
> 412     	rc = 0;
> 413
> 414     out_put:
> 415     	up_read(&ioas->iopt.iova_rwsem);
> 416     	iommufd_put_object(&ioas->obj);
> 
> If this is a false positive, please let us know so we can mark it as
> such, or teach the Coverity rules to be smarter. If not, please make
> sure fixes get into linux-next. :) For patches fixing this, please
> include these lines (but double-check the "Fixes" first):

Yes, this is legit, we already fixed it

Thanks,
Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ