lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Aug 2014 11:45:42 -0700 From: Iyappan Subramanian <isubramanian@....com> To: Tobias Klauser <tklauser@...tanz.ch> Cc: Keyur Chudgar <kchudgar@....com>, Ravi Patel <rapatel@....com>, "David S. Miller" <davem@...emloft.net>, netdev <netdev@...r.kernel.org> Subject: Re: [PATCH net] net: xgene: Check negative return value of xgene_enet_get_ring_size() On Thu, Aug 14, 2014 at 4:59 AM, Tobias Klauser <tklauser@...tanz.ch> wrote: > xgene_enet_get_ring_size() returns a negative value in case of an error, > but its only caller in xgene_enet_create_desc_ring() currently uses the > return value directly as u32. Instead, check for a negative value first and > error out in case. Also move the call to xgene_enet_get_ring_size() before > devm_kzalloc() so we don't need to free anything in the error path. > > This fixes the following issue reported by the Coverity Scanner: > > ** CID 1231336: Improper use of negative value (NEGATIVE_RETURNS) > /drivers/net/ethernet/apm/xgene/xgene_enet_main.c: 596 in xgene_enet_create_desc_ring() > > Signed-off-by: Tobias Klauser <tklauser@...tanz.ch> > --- > drivers/net/ethernet/apm/xgene/xgene_enet_main.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/drivers/net/ethernet/apm/xgene/xgene_enet_main.c b/drivers/net/ethernet/apm/xgene/xgene_enet_main.c > index af7c40a..e1a8f4e 100644 > --- a/drivers/net/ethernet/apm/xgene/xgene_enet_main.c > +++ b/drivers/net/ethernet/apm/xgene/xgene_enet_main.c > @@ -581,7 +581,11 @@ static struct xgene_enet_desc_ring *xgene_enet_create_desc_ring( > struct xgene_enet_desc_ring *ring; > struct xgene_enet_pdata *pdata = netdev_priv(ndev); > struct device *dev = ndev_to_dev(ndev); > - u32 size; > + int size; > + > + size = xgene_enet_get_ring_size(dev, cfgsize); > + if (size < 0) > + return NULL; > > ring = devm_kzalloc(dev, sizeof(struct xgene_enet_desc_ring), > GFP_KERNEL); > @@ -593,7 +597,6 @@ static struct xgene_enet_desc_ring *xgene_enet_create_desc_ring( > ring->cfgsize = cfgsize; > ring->id = ring_id; > > - size = xgene_enet_get_ring_size(dev, cfgsize); > ring->desc_addr = dma_zalloc_coherent(dev, size, &ring->dma, > GFP_KERNEL); > if (!ring->desc_addr) { > -- > 2.0.1 > > I am sorry I wasn't able to see this until today. Thanks for addressing the problem. Even though the patch has already been applied, here is my ACK. Acked-by: Iyappan Subramanian <isubramanian@....com> -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists