lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 24 Oct 2020 15:52:40 +0100
From:   Alex Dewar <alex.dewar90@...il.com>
To:     unlisted-recipients:; (no To-header on input)
Cc:     Alex Dewar <alex.dewar90@...il.com>,
        "J. Bruce Fields" <bfields@...ldses.org>,
        Chuck Lever <chuck.lever@...cle.com>,
        Trond Myklebust <trond.myklebust@...merspace.com>,
        Anna Schumaker <anna.schumaker@...app.com>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Artur Molchanov <arturmolchanov@...il.com>,
        linux-nfs@...r.kernel.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: [PATCH] net/sunrpc: Fix return value from proc_do_xprt()

Commit c09f56b8f68d ("net/sunrpc: Fix return value for sysctl
sunrpc.transports") attempted to add error checking for the call to
memory_read_from_buffer(), however its return value was assigned to a
size_t variable, so any negative values would be lost in the cast. Fix
this.

Addresses-Coverity-ID: 1498033: Control flow issues (NO_EFFECT)
Fixes: c09f56b8f68d ("net/sunrpc: Fix return value for sysctl sunrpc.transports")
Signed-off-by: Alex Dewar <alex.dewar90@...il.com>
---
 net/sunrpc/sysctl.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/net/sunrpc/sysctl.c b/net/sunrpc/sysctl.c
index a18b36b5422d..c95a2b84dd95 100644
--- a/net/sunrpc/sysctl.c
+++ b/net/sunrpc/sysctl.c
@@ -62,6 +62,7 @@ rpc_unregister_sysctl(void)
 static int proc_do_xprt(struct ctl_table *table, int write,
 			void *buffer, size_t *lenp, loff_t *ppos)
 {
+	ssize_t bytes_read;
 	char tmpbuf[256];
 	size_t len;
 
@@ -70,12 +71,14 @@ static int proc_do_xprt(struct ctl_table *table, int write,
 		return 0;
 	}
 	len = svc_print_xprts(tmpbuf, sizeof(tmpbuf));
-	*lenp = memory_read_from_buffer(buffer, *lenp, ppos, tmpbuf, len);
+	bytes_read = memory_read_from_buffer(buffer, *lenp, ppos, tmpbuf, len);
 
-	if (*lenp < 0) {
+	if (bytes_read < 0) {
 		*lenp = 0;
 		return -EINVAL;
 	}
+
+	*lenp = bytes_read;
 	return 0;
 }
 
-- 
2.29.1

Powered by blists - more mailing lists