[PATCH] ipvs: initialize 'ret' variable in do_ip_vs_set_ctl()

[PATCH] ipvs: initialize 'ret' variable in do_ip_vs_set_ctl()

[Li Qiong]

The 'ret' should need to be initialized to 0, in case
return a uninitialized value because no default process
for "switch (cmd)".

Signed-off-by: Li Qiong <liqiong@nfschina.com>
---
 net/netfilter/ipvs/ip_vs_ctl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 988222fff9f0..4b20db86077c 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -2456,7 +2456,7 @@ static int
 do_ip_vs_set_ctl(struct sock *sk, int cmd, sockptr_t ptr, unsigned int len)
 {
 	struct net *net = sock_net(sk);
-	int ret;
+	int ret = 0;
 	unsigned char arg[MAX_SET_ARGLEN];
 	struct ip_vs_service_user *usvc_compat;
 	struct ip_vs_service_user_kern usvc;
-- 
2.11.0

Re: [PATCH] ipvs: initialize 'ret' variable in do_ip_vs_set_ctl()

[Simon Horman]

On Fri, Dec 02, 2022 at 11:25:11AM +0800, Li Qiong wrote:
> The 'ret' should need to be initialized to 0, in case
> return a uninitialized value because no default process
> for "switch (cmd)".
> 
> Signed-off-by: Li Qiong <liqiong@nfschina.com>

Thanks,

I agree there seems to be a problem here.  But perhaps it's nicer to solve
it by adding a default case to the switch statement?

Also, if we update the declaration of ret, perhaps we could also move it to
the bottom of the declaration of local variables, to move more towards
reverse xmas tree order.

But to be honest, I don't feel strongly about either of these issues.

So if someone wants to take this patch as-is then feel free to add.

Reviewed-by: Simon Horman <horms@verge.net.au>

> ---
>  net/netfilter/ipvs/ip_vs_ctl.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
> index 988222fff9f0..4b20db86077c 100644
> --- a/net/netfilter/ipvs/ip_vs_ctl.c
> +++ b/net/netfilter/ipvs/ip_vs_ctl.c
> @@ -2456,7 +2456,7 @@ static int
>  do_ip_vs_set_ctl(struct sock *sk, int cmd, sockptr_t ptr, unsigned int len)
>  {
>  	struct net *net = sock_net(sk);
> -	int ret;
> +	int ret = 0;
>  	unsigned char arg[MAX_SET_ARGLEN];
>  	struct ip_vs_service_user *usvc_compat;
>  	struct ip_vs_service_user_kern usvc;
> -- 
> 2.11.0
> 

Re: [PATCH] ipvs: initialize 'ret' variable in do_ip_vs_set_ctl()

[Dan Carpenter]

On Fri, Dec 02, 2022 at 11:25:11AM +0800, Li Qiong wrote:
> The 'ret' should need to be initialized to 0, in case
> return a uninitialized value because no default process
> for "switch (cmd)".
> 
> Signed-off-by: Li Qiong <liqiong@nfschina.com>

If this is a real bug, then it needs a fixes tag.  The fixes tag helps
us know whether to back port or not and it also helps in reviewing the
patch.  Also get_maintainer.pl will CC the person who introduced the
bug so they can review it.  They are normally the best person to review
their own code.

Here it would be:
Fixes: c5a8a8498eed ("ipvs: Fix uninit-value in do_ip_vs_set_ctl()")

Which is strange...  Also it suggest that the correct value is -EINVAL
and not 0.

The thing about uninitialized variable bugs is that Smatch and Clang
both warn about them so they tend to get reported pretty quick.
Apparently neither Nathan nor I sent forwarded this static checker
warning.  :/

regards,
dan carpenter

Re: [PATCH] ipvs: initialize 'ret' variable in do_ip_vs_set_ctl()

[liqiong]

在 2022年12月02日 18:07, Dan Carpenter 写道:
> On Fri, Dec 02, 2022 at 11:25:11AM +0800, Li Qiong wrote:
>> The 'ret' should need to be initialized to 0, in case
>> return a uninitialized value because no default process
>> for "switch (cmd)".
>>
>> Signed-off-by: Li Qiong <liqiong@nfschina.com>
> If this is a real bug, then it needs a fixes tag.  The fixes tag helps
> us know whether to back port or not and it also helps in reviewing the
> patch.  Also get_maintainer.pl will CC the person who introduced the
> bug so they can review it.  They are normally the best person to review
> their own code.
>
> Here it would be:
> Fixes: c5a8a8498eed ("ipvs: Fix uninit-value in do_ip_vs_set_ctl()")
>
> Which is strange...  Also it suggest that the correct value is -EINVAL
> and not 0.
>
> The thing about uninitialized variable bugs is that Smatch and Clang
> both warn about them so they tend to get reported pretty quick.
> Apparently neither Nathan nor I sent forwarded this static checker
> warning.  :/
>
> regards,
> dan carpenter

It is not a real bug,   I  use tool (eg: smatch, sparse) to audit the code,  got this warning and check it,
found may be a real problem.

Re: [PATCH] ipvs: initialize 'ret' variable in do_ip_vs_set_ctl()

[Dan Carpenter]

On Fri, Dec 02, 2022 at 06:18:37PM +0800, liqiong wrote:
> 
> 
> 在 2022年12月02日 18:07, Dan Carpenter 写道:
> > On Fri, Dec 02, 2022 at 11:25:11AM +0800, Li Qiong wrote:
> >> The 'ret' should need to be initialized to 0, in case
> >> return a uninitialized value because no default process
> >> for "switch (cmd)".
> >>
> >> Signed-off-by: Li Qiong <liqiong@nfschina.com>
> > If this is a real bug, then it needs a fixes tag.  The fixes tag helps
> > us know whether to back port or not and it also helps in reviewing the
> > patch.  Also get_maintainer.pl will CC the person who introduced the
> > bug so they can review it.  They are normally the best person to review
> > their own code.
> >
> > Here it would be:
> > Fixes: c5a8a8498eed ("ipvs: Fix uninit-value in do_ip_vs_set_ctl()")
> >
> > Which is strange...  Also it suggest that the correct value is -EINVAL
> > and not 0.
> >
> > The thing about uninitialized variable bugs is that Smatch and Clang
> > both warn about them so they tend to get reported pretty quick.
> > Apparently neither Nathan nor I sent forwarded this static checker
> > warning.  :/
> >
> > regards,
> > dan carpenter
> 
> It is not a real bug,   I  use tool (eg: smatch, sparse) to audit the
> code,  got this warning and check it, found may be a real problem.

Yeah.  If it is a false positive just ignore it, do not bother to
silence wrong static checker warnings.

The code in question here is:

	if (len != set_arglen[CMDID(cmd)]) {

The only time that condition can be true is for the cases in the switch
statement.  So Peilin's patch is correct.

Smatch is bad at understanding arrays so Smatch cannot parse the if
statement above as a human reader can.

regards,
dan carpenter

Re: [PATCH] ipvs: initialize 'ret' variable in do_ip_vs_set_ctl()

[Julian Anastasov]

[-- Attachment #1: Type: text/plain, Size: 2125 bytes --]


	Hello,

On Fri, 2 Dec 2022, Dan Carpenter wrote:

> On Fri, Dec 02, 2022 at 06:18:37PM +0800, liqiong wrote:
> > 
> > 
> > 在 2022年12月02日 18:07, Dan Carpenter 写道:
> > > On Fri, Dec 02, 2022 at 11:25:11AM +0800, Li Qiong wrote:
> > >> The 'ret' should need to be initialized to 0, in case
> > >> return a uninitialized value because no default process
> > >> for "switch (cmd)".
> > >>
> > >> Signed-off-by: Li Qiong <liqiong@nfschina.com>
> > > If this is a real bug, then it needs a fixes tag.  The fixes tag helps
> > > us know whether to back port or not and it also helps in reviewing the
> > > patch.  Also get_maintainer.pl will CC the person who introduced the
> > > bug so they can review it.  They are normally the best person to review
> > > their own code.
> > >
> > > Here it would be:
> > > Fixes: c5a8a8498eed ("ipvs: Fix uninit-value in do_ip_vs_set_ctl()")
> > >
> > > Which is strange...  Also it suggest that the correct value is -EINVAL
> > > and not 0.
> > >
> > > The thing about uninitialized variable bugs is that Smatch and Clang
> > > both warn about them so they tend to get reported pretty quick.
> > > Apparently neither Nathan nor I sent forwarded this static checker
> > > warning.  :/
> > >
> > > regards,
> > > dan carpenter
> > 
> > It is not a real bug,   I  use tool (eg: smatch, sparse) to audit the
> > code,  got this warning and check it, found may be a real problem.
> 
> Yeah.  If it is a false positive just ignore it, do not bother to
> silence wrong static checker warnings.
> 
> The code in question here is:
> 
> 	if (len != set_arglen[CMDID(cmd)]) {
> 
> The only time that condition can be true is for the cases in the switch
> statement.  So Peilin's patch is correct.
> 
> Smatch is bad at understanding arrays so Smatch cannot parse the if
> statement above as a human reader can.

	Yes, no bug in current code. But it is better to return the 
default switch case with -EINVAL (not 0), in case new commands are added.
Such patch should target net-next, it is just for compilers/tools
that do not look into set_arglen[].

Regards

--
Julian Anastasov <ja@ssi.bg>

Re: [PATCH] ipvs: initialize 'ret' variable in do_ip_vs_set_ctl()

[liqiong]

在 2022年12月02日 19:26, Julian Anastasov 写道:
> 	Hello,
>
> On Fri, 2 Dec 2022, Dan Carpenter wrote:
>
>> On Fri, Dec 02, 2022 at 06:18:37PM +0800, liqiong wrote:
>>>
>>> 在 2022年12月02日 18:07, Dan Carpenter 写道:
>>>> On Fri, Dec 02, 2022 at 11:25:11AM +0800, Li Qiong wrote:
>>>>> The 'ret' should need to be initialized to 0, in case
>>>>> return a uninitialized value because no default process
>>>>> for "switch (cmd)".
>>>>>
>>>>> Signed-off-by: Li Qiong <liqiong@nfschina.com>
>>>> If this is a real bug, then it needs a fixes tag.  The fixes tag helps
>>>> us know whether to back port or not and it also helps in reviewing the
>>>> patch.  Also get_maintainer.pl will CC the person who introduced the
>>>> bug so they can review it.  They are normally the best person to review
>>>> their own code.
>>>>
>>>> Here it would be:
>>>> Fixes: c5a8a8498eed ("ipvs: Fix uninit-value in do_ip_vs_set_ctl()")
>>>>
>>>> Which is strange...  Also it suggest that the correct value is -EINVAL
>>>> and not 0.
>>>>
>>>> The thing about uninitialized variable bugs is that Smatch and Clang
>>>> both warn about them so they tend to get reported pretty quick.
>>>> Apparently neither Nathan nor I sent forwarded this static checker
>>>> warning.  :/
>>>>
>>>> regards,
>>>> dan carpenter
>>> It is not a real bug,   I  use tool (eg: smatch, sparse) to audit the
>>> code,  got this warning and check it, found may be a real problem.
>> Yeah.  If it is a false positive just ignore it, do not bother to
>> silence wrong static checker warnings.
>>
>> The code in question here is:
>>
>> 	if (len != set_arglen[CMDID(cmd)]) {
>>
>> The only time that condition can be true is for the cases in the switch
>> statement.  So Peilin's patch is correct.
>>
>> Smatch is bad at understanding arrays so Smatch cannot parse the if
>> statement above as a human reader can.
> 	Yes, no bug in current code. But it is better to return the 
> default switch case with -EINVAL (not 0), in case new commands are added.
> Such patch should target net-next, it is just for compilers/tools
> that do not look into set_arglen[].
>
> Regards
>
> --
> Julian Anastasov <ja@ssi.bg>
Thanks, I will send a v2 patch.

[PATCH v2] ipvs: add a 'default' case in do_ip_vs_set_ctl()

[Li Qiong]

It is better to return the default switch case with
'-EINVAL', in case new commands are added. otherwise,
return a uninitialized value of ret.

Signed-off-by: Li Qiong <liqiong@nfschina.com>
Reviewed-by: Simon Horman <horms@verge.net.au>
---
v2: Add 'default' case instead of initializing 'ret'.
---
 net/netfilter/ipvs/ip_vs_ctl.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 988222fff9f0..97f6a1c8933a 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -2590,6 +2590,11 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, sockptr_t ptr, unsigned int len)
 		break;
 	case IP_VS_SO_SET_DELDEST:
 		ret = ip_vs_del_dest(svc, &udest);
+		break;
+	default:
+		WARN_ON_ONCE(1);
+		ret = -EINVAL;
+		break;
 	}
 
   out_unlock:
-- 
2.11.0

Re: [PATCH v2] ipvs: add a 'default' case in do_ip_vs_set_ctl()

[Julian Anastasov]

	Hello,

On Mon, 12 Dec 2022, Li Qiong wrote:

> It is better to return the default switch case with
> '-EINVAL', in case new commands are added. otherwise,
> return a uninitialized value of ret.
> 
> Signed-off-by: Li Qiong <liqiong@nfschina.com>
> Reviewed-by: Simon Horman <horms@verge.net.au>

	Change looks correct to me for -next, thanks!

Acked-by: Julian Anastasov <ja@ssi.bg>

	Still, the comment can explain that this code
is currently unreachable and that some parsers need
the default case to avoid report for uninitialized 'ret'.

> ---
> v2: Add 'default' case instead of initializing 'ret'.
> ---
>  net/netfilter/ipvs/ip_vs_ctl.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
> index 988222fff9f0..97f6a1c8933a 100644
> --- a/net/netfilter/ipvs/ip_vs_ctl.c
> +++ b/net/netfilter/ipvs/ip_vs_ctl.c
> @@ -2590,6 +2590,11 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, sockptr_t ptr, unsigned int len)
>  		break;
>  	case IP_VS_SO_SET_DELDEST:
>  		ret = ip_vs_del_dest(svc, &udest);
> +		break;
> +	default:
> +		WARN_ON_ONCE(1);
> +		ret = -EINVAL;
> +		break;
>  	}
>  
>    out_unlock:
> -- 
> 2.11.0

Regards

--
Julian Anastasov <ja@ssi.bg>

Re: [PATCH v2] ipvs: add a 'default' case in do_ip_vs_set_ctl()

[Pablo Neira Ayuso]

On Mon, Dec 12, 2022 at 04:20:41PM +0200, Julian Anastasov wrote:
> 
> 	Hello,
> 
> On Mon, 12 Dec 2022, Li Qiong wrote:
> 
> > It is better to return the default switch case with
> > '-EINVAL', in case new commands are added. otherwise,
> > return a uninitialized value of ret.
> > 
> > Signed-off-by: Li Qiong <liqiong@nfschina.com>
> > Reviewed-by: Simon Horman <horms@verge.net.au>
> 
> 	Change looks correct to me for -next, thanks!
> 
> Acked-by: Julian Anastasov <ja@ssi.bg>

Applied, thanks.