lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 16 Apr 2022 05:24:34 -0500
From:   Rebecca Mckeever <remckee0@...il.com>
To:     outreachy@...ts.linux.dev
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org,
        Rebecca Mckeever <remckee0@...il.com>
Subject: [PATCH] staging: rtl8192u: compare strcmp result to zero

Add " == 0" to the condition in both else if branches to address a
possible bug. strcmp returns 0 when its arguments are equal, which
evaluates to false, often leading to errors when used in if statements.

Currently, the statement in the first else if branch does not execute
when its arguments are equal, but it does execute when crypt->ops->name
equals any string other than "WEP" or "TKIP".

Similarly, the second else if branch does not execute when its arguments
are equal, and it only executes when crypt->ops->name equals "TKIP".
The else branch never executes.

It is unlikely that this is working as intended.

Signed-off-by: Rebecca Mckeever <remckee0@...il.com>
---
There is a similiar issue in
drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c
but I'm not sure if it's incorrect. The strcmp on line 2847 isn't
negated, but the ones on lines 2851, 2853, and 2855 are.

2845         /* IPW HW cannot build TKIP MIC, host decryption still needed. */
2846         if (!(ieee->host_encrypt || ieee->host_decrypt) &&
2847             strcmp(param->u.crypt.alg, "TKIP"))
2848                 goto skip_host_crypt;
2849 
2850         //set WEP40 first, it will be modified according to WEP104 or WEP40 at other place
2851         if (!strcmp(param->u.crypt.alg, "WEP"))
2852                 module = "ieee80211_crypt_wep";
2853         else if (!strcmp(param->u.crypt.alg, "TKIP"))
2854                 module = "ieee80211_crypt_tkip";
2855         else if (!strcmp(param->u.crypt.alg, "CCMP"))
2856                 module = "ieee80211_crypt_ccmp"; 

drivers/staging/rtl8192u/ieee80211/ieee80211_wx.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/staging/rtl8192u/ieee80211/ieee80211_wx.c b/drivers/staging/rtl8192u/ieee80211/ieee80211_wx.c
index 9885917b9199..d6829cf6f7e3 100644
--- a/drivers/staging/rtl8192u/ieee80211/ieee80211_wx.c
+++ b/drivers/staging/rtl8192u/ieee80211/ieee80211_wx.c
@@ -688,9 +688,9 @@ int ieee80211_wx_get_encode_ext(struct ieee80211_device *ieee,
 	} else {
 		if (strcmp(crypt->ops->name, "WEP") == 0)
 			ext->alg = IW_ENCODE_ALG_WEP;
-		else if (strcmp(crypt->ops->name, "TKIP"))
+		else if (strcmp(crypt->ops->name, "TKIP") == 0)
 			ext->alg = IW_ENCODE_ALG_TKIP;
-		else if (strcmp(crypt->ops->name, "CCMP"))
+		else if (strcmp(crypt->ops->name, "CCMP") == 0)
 			ext->alg = IW_ENCODE_ALG_CCMP;
 		else
 			return -EINVAL;
-- 
2.32.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ