lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Mon, 11 Sep 2023 11:17:57 +0300
From:   Dan Carpenter <dan.carpenter@...aro.org>
To:     oe-kbuild@...ts.linux.dev, Hilda Wu <hildawu@...ltek.com>
Cc:     lkp@...el.com, oe-kbuild-all@...ts.linux.dev,
        linux-kernel@...r.kernel.org,
        Luiz Augusto von Dentz <luiz.von.dentz@...el.com>,
        Alex Lu <alex_lu@...lsil.com.cn>,
        Simon Horman <simon.horman@...igine.com>
Subject: net/bluetooth/msft.c:563 msft_add_monitor_sync() warn: passing zero
 to 'PTR_ERR'

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head:   32bf43e4efdb87e0f7e90ba3883e07b8522322ad
commit: 9e14606d8f38ea52a38c27692a9c1513c987a5da Bluetooth: msft: Extended monitor tracking by address filter
config: x86_64-randconfig-161-20230906 (https://download.01.org/0day-ci/archive/20230909/202309091157.V0PEAQVg-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce: (https://download.01.org/0day-ci/archive/20230909/202309091157.V0PEAQVg-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@...el.com>
| Reported-by: Dan Carpenter <dan.carpenter@...aro.org>
| Closes: https://lore.kernel.org/r/202309091157.V0PEAQVg-lkp@intel.com/

smatch warnings:
net/bluetooth/msft.c:563 msft_add_monitor_sync() warn: passing zero to 'PTR_ERR'

vim +/PTR_ERR +563 net/bluetooth/msft.c

182ee45da083db Luiz Augusto von Dentz 2021-10-27  549  	list_for_each_entry(entry, &monitor->patterns, list) {
182ee45da083db Luiz Augusto von Dentz 2021-10-27  550  		pattern = (void *)(pattern_data->data + offset);
182ee45da083db Luiz Augusto von Dentz 2021-10-27  551  		/* the length also includes data_type and offset */
182ee45da083db Luiz Augusto von Dentz 2021-10-27  552  		pattern->length = entry->length + 2;
182ee45da083db Luiz Augusto von Dentz 2021-10-27  553  		pattern->data_type = entry->ad_type;
182ee45da083db Luiz Augusto von Dentz 2021-10-27  554  		pattern->start_byte = entry->offset;
182ee45da083db Luiz Augusto von Dentz 2021-10-27  555  		memcpy(pattern->pattern, entry->value, entry->length);
182ee45da083db Luiz Augusto von Dentz 2021-10-27  556  		offset += sizeof(*pattern) + entry->length;
182ee45da083db Luiz Augusto von Dentz 2021-10-27  557  	}
182ee45da083db Luiz Augusto von Dentz 2021-10-27  558  
182ee45da083db Luiz Augusto von Dentz 2021-10-27  559  	skb = __hci_cmd_sync(hdev, hdev->msft_opcode, total_size, cp,
182ee45da083db Luiz Augusto von Dentz 2021-10-27  560  			     HCI_CMD_TIMEOUT);
182ee45da083db Luiz Augusto von Dentz 2021-10-27  561  
ce78e557ff8819 Soenke Huster          2022-07-22  562  	if (IS_ERR_OR_NULL(skb)) {
9e14606d8f38ea Hilda Wu               2023-06-21 @563  		err = PTR_ERR(skb);
9e14606d8f38ea Hilda Wu               2023-06-21  564  		goto out_free;

This returns success if __hci_cmd_sync() returns NULL.

I don't think __hci_cmd_sync() can return NULL.  It is a design fail if
it can.  And it needs to be commented what the NULL means.  And yet this
file consistently assumes that __hci_cmd_sync() can be NULL.


ce78e557ff8819 Soenke Huster          2022-07-22  565  	}
182ee45da083db Luiz Augusto von Dentz 2021-10-27  566  
9e14606d8f38ea Hilda Wu               2023-06-21  567  	err = msft_le_monitor_advertisement_cb(hdev, hdev->msft_opcode,
b747a83690c8f5 Manish Mandlik         2022-07-20  568  					       monitor, skb);
9e14606d8f38ea Hilda Wu               2023-06-21  569  	if (err)
9e14606d8f38ea Hilda Wu               2023-06-21  570  		goto out_free;
9e14606d8f38ea Hilda Wu               2023-06-21  571  
9e14606d8f38ea Hilda Wu               2023-06-21  572  	handle_data = msft_find_handle_data(hdev, monitor->handle, true);
9e14606d8f38ea Hilda Wu               2023-06-21  573  	if (!handle_data) {
9e14606d8f38ea Hilda Wu               2023-06-21  574  		err = -ENODATA;
9e14606d8f38ea Hilda Wu               2023-06-21  575  		goto out_free;
9e14606d8f38ea Hilda Wu               2023-06-21  576  	}
9e14606d8f38ea Hilda Wu               2023-06-21  577  
9e14606d8f38ea Hilda Wu               2023-06-21  578  	handle_data->rssi_high	= cp->rssi_high;
9e14606d8f38ea Hilda Wu               2023-06-21  579  	handle_data->rssi_low	= cp->rssi_low;
9e14606d8f38ea Hilda Wu               2023-06-21  580  	handle_data->rssi_low_interval	  = cp->rssi_low_interval;
9e14606d8f38ea Hilda Wu               2023-06-21  581  	handle_data->rssi_sampling_period = cp->rssi_sampling_period;
9e14606d8f38ea Hilda Wu               2023-06-21  582  
9e14606d8f38ea Hilda Wu               2023-06-21  583  out_free:
9e14606d8f38ea Hilda Wu               2023-06-21  584  	kfree(cp);
9e14606d8f38ea Hilda Wu               2023-06-21  585  	return err;
b747a83690c8f5 Manish Mandlik         2022-07-20  586  }

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ