* [PATCH net-next 1/2] net/af_iucv: right-size the uid variable in iucv_sock_bind()
2020-10-01 17:21 [PATCH net-next 0/2] net/iucv: updates 2020-10-01 Julian Wiedmann
@ 2020-10-01 17:21 ` Julian Wiedmann
2020-10-01 17:21 ` [PATCH net-next 2/2] net/iucv: fix indentation in __iucv_message_receive() Julian Wiedmann
2020-10-03 23:51 ` [PATCH net-next 0/2] net/iucv: updates 2020-10-01 David Miller
2 siblings, 0 replies; 4+ messages in thread
From: Julian Wiedmann @ 2020-10-01 17:21 UTC (permalink / raw)
To: David Miller, Jakub Kicinski
Cc: netdev, linux-s390, Heiko Carstens, Ursula Braun, Karsten Graul,
Julian Wiedmann
smatch complains about
net/iucv/af_iucv.c:624 iucv_sock_bind() error: memcpy() 'sa->siucv_user_id' too small (8 vs 9)
Which is absolutely correct - the memcpy() takes 9 bytes (sizeof(uid))
from an 8-byte field (sa->siucv_user_id).
Luckily the sockaddr_iucv struct contains more data after the
.siucv_user_id field, and we checked the size of the passed data earlier
on. So the memcpy() won't accidentally read from an invalid location.
Fix the warning by reducing the size of the uid variable to what's
actually needed, and thus reducing the amount of copied data.
Signed-off-by: Julian Wiedmann <jwi@linux.ibm.com>
Reviewed-by: Karsten Graul <kgraul@linux.ibm.com>
---
net/iucv/af_iucv.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c
index a95af62acb52..d80572074667 100644
--- a/net/iucv/af_iucv.c
+++ b/net/iucv/af_iucv.c
@@ -588,11 +588,11 @@ static int iucv_sock_bind(struct socket *sock, struct sockaddr *addr,
int addr_len)
{
struct sockaddr_iucv *sa = (struct sockaddr_iucv *) addr;
+ char uid[sizeof(sa->siucv_user_id)];
struct sock *sk = sock->sk;
struct iucv_sock *iucv;
int err = 0;
struct net_device *dev;
- char uid[9];
/* Verify the input sockaddr */
if (addr_len < sizeof(struct sockaddr_iucv) ||
--
2.17.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH net-next 2/2] net/iucv: fix indentation in __iucv_message_receive()
2020-10-01 17:21 [PATCH net-next 0/2] net/iucv: updates 2020-10-01 Julian Wiedmann
2020-10-01 17:21 ` [PATCH net-next 1/2] net/af_iucv: right-size the uid variable in iucv_sock_bind() Julian Wiedmann
@ 2020-10-01 17:21 ` Julian Wiedmann
2020-10-03 23:51 ` [PATCH net-next 0/2] net/iucv: updates 2020-10-01 David Miller
2 siblings, 0 replies; 4+ messages in thread
From: Julian Wiedmann @ 2020-10-01 17:21 UTC (permalink / raw)
To: David Miller, Jakub Kicinski
Cc: netdev, linux-s390, Heiko Carstens, Ursula Braun, Karsten Graul,
Julian Wiedmann
smatch complains about
net/iucv/iucv.c:1119 __iucv_message_receive() warn: inconsistent indenting
While touching this line, also make the return logic consistent and thus
get rid of a goto label.
Signed-off-by: Julian Wiedmann <jwi@linux.ibm.com>
Reviewed-by: Karsten Graul <kgraul@linux.ibm.com>
---
net/iucv/iucv.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/net/iucv/iucv.c b/net/iucv/iucv.c
index cd2e468852e7..349c6ac3313f 100644
--- a/net/iucv/iucv.c
+++ b/net/iucv/iucv.c
@@ -1116,10 +1116,9 @@ int __iucv_message_receive(struct iucv_path *path, struct iucv_message *msg,
if (msg->flags & IUCV_IPRMDATA)
return iucv_message_receive_iprmdata(path, msg, flags,
buffer, size, residual);
- if (cpumask_empty(&iucv_buffer_cpumask)) {
- rc = -EIO;
- goto out;
- }
+ if (cpumask_empty(&iucv_buffer_cpumask))
+ return -EIO;
+
parm = iucv_param[smp_processor_id()];
memset(parm, 0, sizeof(union iucv_param));
parm->db.ipbfadr1 = (u32)(addr_t) buffer;
@@ -1135,7 +1134,6 @@ int __iucv_message_receive(struct iucv_path *path, struct iucv_message *msg,
if (residual)
*residual = parm->db.ipbfln1f;
}
-out:
return rc;
}
EXPORT_SYMBOL(__iucv_message_receive);
--
2.17.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH net-next 0/2] net/iucv: updates 2020-10-01
2020-10-01 17:21 [PATCH net-next 0/2] net/iucv: updates 2020-10-01 Julian Wiedmann
2020-10-01 17:21 ` [PATCH net-next 1/2] net/af_iucv: right-size the uid variable in iucv_sock_bind() Julian Wiedmann
2020-10-01 17:21 ` [PATCH net-next 2/2] net/iucv: fix indentation in __iucv_message_receive() Julian Wiedmann
@ 2020-10-03 23:51 ` David Miller
2 siblings, 0 replies; 4+ messages in thread
From: David Miller @ 2020-10-03 23:51 UTC (permalink / raw)
To: jwi; +Cc: kuba, netdev, linux-s390, hca, ubraun, kgraul
From: Julian Wiedmann <jwi@linux.ibm.com>
Date: Thu, 1 Oct 2020 19:21:25 +0200
> please apply the following patch series for iucv to netdev's net-next
> tree.
>
> Just two (rare) patches, and both deal with smatch warnings.
Series applied, thanks.
^ permalink raw reply [flat|nested] 4+ messages in thread