[PATCH v2] Staging: rtl8723bs: Check sscanf return value

[PATCH v2] Staging: rtl8723bs: Check sscanf return value

[Georgiana Chelu]

Check the sscanf return value and handle it. The function returns
the number of items of the argument list successfully filled.

Issue found by checkpatch.pl.
WARNING: unchecked sscanf return value

Signed-off-by: Georgiana Chelu <georgiana.chelu93@gmail.com>
---

Changes in v2:
* compared the return value of scanf to the right value
* improved the commit message

 drivers/staging/rtl8723bs/os_dep/ioctl_linux.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c b/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c
index 3fca0c2d4c8d..fe538cc088f0 100644
--- a/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c
+++ b/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c
@@ -2356,7 +2356,11 @@ static int rtw_wx_read32(struct net_device *dev,
 
 	bytes = 0;
 	addr = 0;
-	sscanf(ptmp, "%d,%x", &bytes, &addr);
+	ret = sscanf(ptmp, "%d,%x", &bytes, &addr);
+	if (ret != 2) {
+		ret = -EINVAL;
+		goto exit;
+	}
 
 	switch (bytes) {
 		case 1:
@@ -2393,12 +2397,15 @@ static int rtw_wx_write32(struct net_device *dev,
 	u32 addr;
 	u32 data32;
 	u32 bytes;
+	int ret;
 
 
 	bytes = 0;
 	addr = 0;
 	data32 = 0;
-	sscanf(extra, "%d,%x,%x", &bytes, &addr, &data32);
+	ret = sscanf(extra, "%d,%x,%x", &bytes, &addr, &data32);
+	if (ret != 3)
+		return -EINVAL;
 
 	switch (bytes) {
 		case 1:
-- 
2.11.0

Re: [PATCH v2] Staging: rtl8723bs: Check sscanf return value

[Greg Kroah-Hartman]

On Wed, Oct 18, 2017 at 12:39:11AM +0300, Georgiana Chelu wrote:
> Check the sscanf return value and handle it. The function returns
> the number of items of the argument list successfully filled.
> 
> Issue found by checkpatch.pl.
> WARNING: unchecked sscanf return value
> 
> Signed-off-by: Georgiana Chelu <georgiana.chelu93@gmail.com>
> ---
> 
> Changes in v2:
> * compared the return value of scanf to the right value
> * improved the commit message
> 
>  drivers/staging/rtl8723bs/os_dep/ioctl_linux.c | 11 +++++++++--
>  1 file changed, 9 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c b/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c
> index 3fca0c2d4c8d..fe538cc088f0 100644
> --- a/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c
> +++ b/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c
> @@ -2356,7 +2356,11 @@ static int rtw_wx_read32(struct net_device *dev,
>  
>  	bytes = 0;
>  	addr = 0;
> -	sscanf(ptmp, "%d,%x", &bytes, &addr);
> +	ret = sscanf(ptmp, "%d,%x", &bytes, &addr);
> +	if (ret != 2) {
> +		ret = -EINVAL;
> +		goto exit;
> +	}

Are you sure that the code requires 2 values here?

>  
>  	switch (bytes) {
>  		case 1:
> @@ -2393,12 +2397,15 @@ static int rtw_wx_write32(struct net_device *dev,
>  	u32 addr;
>  	u32 data32;
>  	u32 bytes;
> +	int ret;
>  
>  
>  	bytes = 0;
>  	addr = 0;
>  	data32 = 0;
> -	sscanf(extra, "%d,%x,%x", &bytes, &addr, &data32);
> +	ret = sscanf(extra, "%d,%x,%x", &bytes, &addr, &data32);
> +	if (ret != 3)
> +		return -EINVAL;

Same here, are you sure that 3 values are required?

thanks,

greg k-h

Re: [PATCH v2] Staging: rtl8723bs: Check sscanf return value

[Georgiana Chelu]

On 18 October 2017 at 17:03, Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
> On Wed, Oct 18, 2017 at 12:39:11AM +0300, Georgiana Chelu wrote:
>> Check the sscanf return value and handle it. The function returns
>> the number of items of the argument list successfully filled.
>>
>> Issue found by checkpatch.pl.
>> WARNING: unchecked sscanf return value
>>
>> Signed-off-by: Georgiana Chelu <georgiana.chelu93@gmail.com>
>> ---
>>
>> Changes in v2:
>> * compared the return value of scanf to the right value
>> * improved the commit message
>>
>>  drivers/staging/rtl8723bs/os_dep/ioctl_linux.c | 11 +++++++++--
>>  1 file changed, 9 insertions(+), 2 deletions(-)
>>
>> diff --git a/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c b/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c
>> index 3fca0c2d4c8d..fe538cc088f0 100644
>> --- a/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c
>> +++ b/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c
>> @@ -2356,7 +2356,11 @@ static int rtw_wx_read32(struct net_device *dev,
>>
>>       bytes = 0;
>>       addr = 0;
>> -     sscanf(ptmp, "%d,%x", &bytes, &addr);
>> +     ret = sscanf(ptmp, "%d,%x", &bytes, &addr);
>> +     if (ret != 2) {
>> +             ret = -EINVAL;
>> +             goto exit;
>> +     }
>
> Are you sure that the code requires 2 values here?
>
>>
>>       switch (bytes) {
>>               case 1:
>> @@ -2393,12 +2397,15 @@ static int rtw_wx_write32(struct net_device *dev,
>>       u32 addr;
>>       u32 data32;
>>       u32 bytes;
>> +     int ret;
>>
>>
>>       bytes = 0;
>>       addr = 0;
>>       data32 = 0;
>> -     sscanf(extra, "%d,%x,%x", &bytes, &addr, &data32);xbytes, &addr, &data32);
>> +     if (ret != 3)
>> +             return -EINVAL;
>
> Same here, are you sure that 3 values are required?
>

I think I understand what you are saying. The 'addr' and 'data32'
could be 0 because one can write 0 bytes at the starting address of
the 'padapter' structure. Also, the switch statement handles the case
when 'bytes' does not have one of the expected values.

Please, tell me if I understood correctly.


Thanks,
Georgiana


> thanks,
>
> greg k-h