| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 3 Apr 2020 11:13:39 -0400
From: Alain Michaud <alainmichaud@...gle.com>
To: Guenter Roeck <linux@...ck-us.net>
Cc: Marcel Holtmann <marcel@...tmann.org>,
Johan Hedberg <johan.hedberg@...il.com>,
"David S . Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
BlueZ <linux-bluetooth@...r.kernel.org>,
netdev <netdev@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>,
Sonny Sasaka <sonnysasaka@...omium.org>
Subject: Re: [PATCH] Bluetooth: Simplify / fix return values from tk_request
Hi Guenter/Marcel,
On Fri, Apr 3, 2020 at 11:03 AM Guenter Roeck <linux@...ck-us.net> wrote:
>
> Some static checker run by 0day reports a variableScope warning.
>
> net/bluetooth/smp.c:870:6: warning:
> The scope of the variable 'err' can be reduced. [variableScope]
>
> There is no need for two separate variables holding return values.
> Stick with the existing variable. While at it, don't pre-initialize
> 'ret' because it is set in each code path.
>
> tk_request() is supposed to return a negative error code on errors,
> not a bluetooth return code. The calling code converts the return
> value to SMP_UNSPECIFIED if needed.
>
> Fixes: 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works")
> Cc: Sonny Sasaka <sonnysasaka@...omium.org>
> Signed-off-by: Guenter Roeck <linux@...ck-us.net>
> ---
> net/bluetooth/smp.c | 9 ++++-----
> 1 file changed, 4 insertions(+), 5 deletions(-)
>
> diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
> index d0b695ee49f6..30e8626dd553 100644
> --- a/net/bluetooth/smp.c
> +++ b/net/bluetooth/smp.c
> @@ -854,8 +854,7 @@ static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
> struct l2cap_chan *chan = conn->smp;
> struct smp_chan *smp = chan->data;
> u32 passkey = 0;
> - int ret = 0;
> - int err;
> + int ret;
>
> /* Initialize key for JUST WORKS */
> memset(smp->tk, 0, sizeof(smp->tk));
> @@ -887,12 +886,12 @@ static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
> /* If Just Works, Continue with Zero TK and ask user-space for
> * confirmation */
> if (smp->method == JUST_WORKS) {
> - err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
> + ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
> hcon->type,
> hcon->dst_type,
> passkey, 1);
> - if (err)
> - return SMP_UNSPECIFIED;
> + if (ret)
> + return ret;
I think there may be some miss match between expected types of error
codes here. The SMP error code type seems to be expected throughout
this code base, so this change would propagate a potential negative
value while the rest of the SMP protocol expects strictly positive
error codes.
> set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
> return 0;
> }
> --
> 2.17.1
>
Thanks,
Alain
Powered by blists - more mailing lists