lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20230117060443.62153-1-jiapeng.chong@linux.alibaba.com>
Date:   Tue, 17 Jan 2023 14:04:43 +0800
From:   Jiapeng Chong <jiapeng.chong@...ux.alibaba.com>
To:     vneethv@...ux.ibm.com
Cc:     oberpar@...ux.ibm.com, hca@...ux.ibm.com, gor@...ux.ibm.com,
        agordeev@...ux.ibm.com, borntraeger@...ux.ibm.com,
        svens@...ux.ibm.com, linux-s390@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        Jiapeng Chong <jiapeng.chong@...ux.alibaba.com>,
        Abaci Robot <abaci@...ux.alibaba.com>
Subject: [PATCH] s390/chsc: Switch over to memdup_user()

Use memdup_user rather than duplicating its implementation, this is a
little bit restricted to reduce false positives.

./drivers/s390/cio/chsc_sch.c:703:7-14: WARNING opportunity for memdup_user.

Link: https://bugzilla.openanolis.cn/show_bug.cgi?id=3785
Reported-by: Abaci Robot <abaci@...ux.alibaba.com>
Signed-off-by: Jiapeng Chong <jiapeng.chong@...ux.alibaba.com>
---
 drivers/s390/cio/chsc_sch.c | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/drivers/s390/cio/chsc_sch.c b/drivers/s390/cio/chsc_sch.c
index 180ab899289c..097769a955c3 100644
--- a/drivers/s390/cio/chsc_sch.c
+++ b/drivers/s390/cio/chsc_sch.c
@@ -700,15 +700,11 @@ static int chsc_ioctl_conf_comp_list(void __user *user_ccl)
 	sccl_area = (void *)get_zeroed_page(GFP_KERNEL | GFP_DMA);
 	if (!sccl_area)
 		return -ENOMEM;
-	ccl = kzalloc(sizeof(*ccl), GFP_KERNEL);
-	if (!ccl) {
-		ret = -ENOMEM;
-		goto out_free;
-	}
-	if (copy_from_user(ccl, user_ccl, sizeof(*ccl))) {
-		ret = -EFAULT;
-		goto out_free;
-	}
+
+	ccl = memdup_user(user_ccl, sizeof(*ccl));
+	if (IS_ERR(ccl))
+		return PTR_ERR(ccl);
+
 	sccl_area->request.length = 0x0020;
 	sccl_area->request.code = 0x0030;
 	sccl_area->fmt = ccl->req.fmt;
-- 
2.20.1.7.g153144c

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ