lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-id: <1449734044-29181-1-git-send-email-a.hajda@samsung.com>
Date:	Thu, 10 Dec 2015 08:54:04 +0100
From:	Andrzej Hajda <a.hajda@...sung.com>
To:	linux-wireless@...r.kernel.org (open list:NFC SUBSYSTEM)
Cc:	Andrzej Hajda <a.hajda@...sung.com>,
	Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>,
	Marek Szyprowski <m.szyprowski@...sung.com>,
	Lauro Ramos Venancio <lauro.venancio@...nbossa.org>,
	Aloisio Almeida Jr <aloisio.almeida@...nbossa.org>,
	Samuel Ortiz <sameo@...ux.intel.com>,
	linux-kernel@...r.kernel.org (open list)
Subject: [PATCH] NFC: fdp: fix handling return value of
 nci_conn_max_data_pkt_payload_size

The function can return negative values, so its result should
be assigned to signed variable.

The problem has been detected using proposed semantic patch
scripts/coccinelle/tests/assign_signed_to_unsigned.cocci [1].

[1]: http://permalink.gmane.org/gmane.linux.kernel/2046107

Signed-off-by: Andrzej Hajda <a.hajda@...sung.com>
---
 drivers/nfc/fdp/fdp.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/drivers/nfc/fdp/fdp.c b/drivers/nfc/fdp/fdp.c
index 440fac3..37a7134 100644
--- a/drivers/nfc/fdp/fdp.c
+++ b/drivers/nfc/fdp/fdp.c
@@ -192,7 +192,7 @@ static int fdp_nci_send_patch(struct nci_dev *ndev, u8 conn_id, u8 type)
 	struct sk_buff *skb;
 	unsigned long len;
 	u8 max_size, payload_size;
-	int rc = 0;
+	int rc;
 
 	if ((type == NCI_PATCH_TYPE_OTP && !info->otp_patch) ||
 	    (type == NCI_PATCH_TYPE_RAM && !info->ram_patch))
@@ -203,11 +203,13 @@ static int fdp_nci_send_patch(struct nci_dev *ndev, u8 conn_id, u8 type)
 	else
 		fw = info->ram_patch;
 
-	max_size = nci_conn_max_data_pkt_payload_size(ndev, conn_id);
-	if (max_size <= 0)
+	rc = nci_conn_max_data_pkt_payload_size(ndev, conn_id);
+	if (rc <= 0)
 		return -EINVAL;
+	max_size = rc;
 
 	len = fw->size;
+	rc = 0;
 
 	fdp_nci_set_data_pkt_counter(ndev, fdp_nci_send_patch_cb,
 				     DIV_ROUND_UP(fw->size, max_size));
-- 
1.9.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ