lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20211122150754.4044081-1-arnd@kernel.org>
Date:   Mon, 22 Nov 2021 16:07:44 +0100
From:   Arnd Bergmann <arnd@...nel.org>
To:     "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Moritz Fischer <mdf@...nel.org>
Cc:     Arnd Bergmann <arnd@...db.de>,
        Yang Yingliang <yangyingliang@...wei.com>,
        Huazhong Tan <tanhuazhong@...wei.com>,
        Yufeng Mo <moyufeng@...wei.com>,
        Cai Huoqing <caihuoqing@...du.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: [PATCH] [v2] nixge: fix mac address error handling again

From: Arnd Bergmann <arnd@...db.de>

The change to eth_hw_addr_set() caused gcc to correctly spot a
bug that was introduced in an earlier incorrect fix:

In file included from include/linux/etherdevice.h:21,
                 from drivers/net/ethernet/ni/nixge.c:7:
In function '__dev_addr_set',
    inlined from 'eth_hw_addr_set' at include/linux/etherdevice.h:319:2,
    inlined from 'nixge_probe' at drivers/net/ethernet/ni/nixge.c:1286:3:
include/linux/netdevice.h:4648:9: error: 'memcpy' reading 6 bytes from a region of size 0 [-Werror=stringop-overread]
 4648 |         memcpy(dev->dev_addr, addr, len);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

As nixge_get_nvmem_address() can return either NULL or an error
pointer, the NULL check is wrong, and we can end up reading from
ERR_PTR(-EOPNOTSUPP), which gcc knows to contain zero readable
bytes.

Make the function always return NULL on error for consistency,
this addresses the bug and the compiler warning.

Fixes: f3956ebb3bf0 ("ethernet: use eth_hw_addr_set() instead of ether_addr_copy()")
Fixes: abcd3d6fc640 ("net: nixge: Fix error path for obtaining mac address")
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
v2: return NULL consistently, rather than returning error pointer
---
 drivers/net/ethernet/ni/nixge.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/net/ethernet/ni/nixge.c b/drivers/net/ethernet/ni/nixge.c
index cfeb7620ae20..9d8826ad84a6 100644
--- a/drivers/net/ethernet/ni/nixge.c
+++ b/drivers/net/ethernet/ni/nixge.c
@@ -1213,6 +1213,8 @@ static void *nixge_get_nvmem_address(struct device *dev)
 
 	mac = nvmem_cell_read(cell, &cell_size);
 	nvmem_cell_put(cell);
+	if (IS_ERR(mac))
+		return NULL;
 
 	return mac;
 }
-- 
2.29.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ