lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20220719070005.39531-1-jiapeng.chong@linux.alibaba.com>
Date:   Tue, 19 Jul 2022 15:00:05 +0800
From:   Jiapeng Chong <jiapeng.chong@...ux.alibaba.com>
To:     hch@....de
Cc:     sagi@...mberg.me, kch@...dia.com, linux-nvme@...ts.infradead.org,
        linux-kernel@...r.kernel.org,
        Jiapeng Chong <jiapeng.chong@...ux.alibaba.com>,
        Abaci Robot <abaci@...ux.alibaba.com>
Subject: [PATCH] nvmet-auth: Fix unsigned comparison with less than zero

The return from the call to nvmet_auth_challenge() and nvmet_setup_auth()
is int, it can be a negative error code, however this is being assigned
to an u16 variable 'status', so making 'status' an int, and change the
position to keep the code format.

This was found by coccicheck:

./drivers/nvme/target/fabrics-cmd-auth.c:488:6-12: WARNING: Unsigned expression compared with zero: status < 0.
./drivers/nvme/target/fabrics-cmd-auth.c:251:8-14: WARNING: Unsigned expression compared with zero: status < 0.

Reported-by: Abaci Robot <abaci@...ux.alibaba.com>
Signed-off-by: Jiapeng Chong <jiapeng.chong@...ux.alibaba.com>
---
 drivers/nvme/target/fabrics-cmd-auth.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/nvme/target/fabrics-cmd-auth.c b/drivers/nvme/target/fabrics-cmd-auth.c
index cc56e8c821ce..02d1931a8219 100644
--- a/drivers/nvme/target/fabrics-cmd-auth.c
+++ b/drivers/nvme/target/fabrics-cmd-auth.c
@@ -190,7 +190,7 @@ void nvmet_execute_auth_send(struct nvmet_req *req)
 	struct nvmf_auth_dhchap_success2_data *data;
 	void *d;
 	u32 tl;
-	u16 status = 0;
+	int status = 0;
 
 	if (req->cmd->auth_send.secp != NVME_AUTH_DHCHAP_PROTOCOL_IDENTIFIER) {
 		status = NVME_SC_INVALID_FIELD | NVME_SC_DNR;
@@ -443,7 +443,7 @@ void nvmet_execute_auth_receive(struct nvmet_req *req)
 	struct nvmet_ctrl *ctrl = req->sq->ctrl;
 	void *d;
 	u32 al;
-	u16 status = 0;
+	int status = 0;
 
 	if (req->cmd->auth_receive.secp != NVME_AUTH_DHCHAP_PROTOCOL_IDENTIFIER) {
 		status = NVME_SC_INVALID_FIELD | NVME_SC_DNR;
-- 
2.20.1.7.g153144c

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ