Linux-Next Archive on lore.kernel.org
 help / color / Atom feed
* Coverity: super_1_load(): Memory - illegal accesses
@ 2019-10-28 23:02 coverity-bot
  2019-10-29  2:03 ` Yufen Yu
  0 siblings, 1 reply; 2+ messages in thread
From: coverity-bot @ 2019-10-28 23:02 UTC (permalink / raw)
  To: Yufen Yu; +Cc: Song Liu, Gustavo A. R. Silva, linux-next

Hello!

This is an experimental automated report about issues detected by Coverity
from a scan of next-20191025 as part of the linux-next weekly scan project:
https://scan.coverity.com/projects/linux-next-weekly-scan

You're getting this email because you were associated with the identified
lines of code (noted below) that were touched by recent commits:

6a5cb53aaa4e ("md: no longer compare spare disk superblock events in super_load")

Coverity reported the following:

*** CID 1487373:  Memory - illegal accesses  (NEGATIVE_RETURNS)
/drivers/md/md.c: 1684 in super_1_load()
1678     	}
1679
1680     	if ((le32_to_cpu(sb->feature_map) & MD_FEATURE_RAID0_LAYOUT) &&
1681     	    sb->level != 0)
1682     		return -EINVAL;
1683
vvv     CID 1487373:  Memory - illegal accesses  (NEGATIVE_RETURNS)
vvv     Using variable "rdev->desc_nr" as an index to array "sb->dev_roles".
1684     	role = le16_to_cpu(sb->dev_roles[rdev->desc_nr]);
1685
1686     	if (!refdev) {
1687     		/*
1688     		 * Insist of good event counter while assembling, except for
1689     		 * spares (which don't need an event count)

If this is a false positive, please let us know so we can mark it as
such, or teach the Coverity rules to be smarter. If not, please make
sure fixes get into linux-next. :) For patches fixing this, please
include:

Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
Addresses-Coverity-ID: 1487373 ("Memory - illegal accesses")
Fixes: 6a5cb53aaa4e ("md: no longer compare spare disk superblock events in super_load")


Thanks for your attention!

-- 
Coverity-bot

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: Coverity: super_1_load(): Memory - illegal accesses
  2019-10-28 23:02 Coverity: super_1_load(): Memory - illegal accesses coverity-bot
@ 2019-10-29  2:03 ` Yufen Yu
  0 siblings, 0 replies; 2+ messages in thread
From: Yufen Yu @ 2019-10-29  2:03 UTC (permalink / raw)
  To: coverity-bot; +Cc: Song Liu, Gustavo A. R. Silva, linux-next



On 2019/10/29 7:02, coverity-bot wrote:
> Hello!
>
> This is an experimental automated report about issues detected by Coverity
> from a scan of next-20191025 as part of the linux-next weekly scan project:
> https://scan.coverity.com/projects/linux-next-weekly-scan
>
> You're getting this email because you were associated with the identified
> lines of code (noted below) that were touched by recent commits:
>
> 6a5cb53aaa4e ("md: no longer compare spare disk superblock events in super_load")
>
> Coverity reported the following:
>
> *** CID 1487373:  Memory - illegal accesses  (NEGATIVE_RETURNS)
> /drivers/md/md.c: 1684 in super_1_load()
> 1678     	}
> 1679
> 1680     	if ((le32_to_cpu(sb->feature_map) & MD_FEATURE_RAID0_LAYOUT) &&
> 1681     	    sb->level != 0)
> 1682     		return -EINVAL;
> 1683
> vvv     CID 1487373:  Memory - illegal accesses  (NEGATIVE_RETURNS)
> vvv     Using variable "rdev->desc_nr" as an index to array "sb->dev_roles".
> 1684     	role = le16_to_cpu(sb->dev_roles[rdev->desc_nr]);
> 1685
> 1686     	if (!refdev) {
> 1687     		/*
> 1688     		 * Insist of good event counter while assembling, except for
> 1689     		 * spares (which don't need an event count)
>
> If this is a false positive, please let us know so we can mark it as
> such, or teach the Coverity rules to be smarter. If not, please make
> sure fixes get into linux-next. :) For patches fixing this, please
> include:
>
> Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
> Addresses-Coverity-ID: 1487373 ("Memory - illegal accesses")
> Fixes: 6a5cb53aaa4e ("md: no longer compare spare disk superblock events in super_load")
>
>
> Thanks for your attention!
>

Thanks a lot for report!
I am sorry for forgetting to verify 'rdev->desc_nr' after moving it up.
I will send a patch to fix this.

Thanks,
Yufen




^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-28 23:02 Coverity: super_1_load(): Memory - illegal accesses coverity-bot
2019-10-29  2:03 ` Yufen Yu

Linux-Next Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-next/0 linux-next/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-next linux-next/ https://lore.kernel.org/linux-next \
		linux-next@vger.kernel.org
	public-inbox-index linux-next

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-next


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git