linux-rdma.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [bug report] RDMA/uverbs: Expose the new GID query API to user space
@ 2020-10-22 13:38 Dan Carpenter
  0 siblings, 0 replies; only message in thread
From: Dan Carpenter @ 2020-10-22 13:38 UTC (permalink / raw)
  To: avihaih; +Cc: linux-rdma

Hello Avihai Horon,

The patch 9f85cbe50aa0: "RDMA/uverbs: Expose the new GID query API to
user space" from Sep 23, 2020, leads to the following static checker
warning:

	drivers/infiniband/core/uverbs_std_types_device.c:338 ib_uverbs_handler_UVERBS_METHOD_QUERY_GID_TABLE()
	warn: 'max_entries' unsigned <= 0

drivers/infiniband/core/uverbs_std_types_device.c
   312  static int UVERBS_HANDLER(UVERBS_METHOD_QUERY_GID_TABLE)(
   313          struct uverbs_attr_bundle *attrs)
   314  {
   315          struct ib_uverbs_gid_entry *entries;
   316          struct ib_ucontext *ucontext;
   317          struct ib_device *ib_dev;
   318          size_t user_entry_size;
   319          ssize_t num_entries;
   320          size_t max_entries;
   321          size_t num_bytes;
   322          u32 flags;
   323          int ret;
   324  
   325          ret = uverbs_get_flags32(&flags, attrs,
   326                                   UVERBS_ATTR_QUERY_GID_TABLE_FLAGS, 0);
   327          if (ret)
   328                  return ret;
   329  
   330          ret = uverbs_get_const(&user_entry_size, attrs,
   331                                 UVERBS_ATTR_QUERY_GID_TABLE_ENTRY_SIZE);
   332          if (ret)
   333                  return ret;
   334  
   335          max_entries = uverbs_attr_ptr_get_array_size(
   336                  attrs, UVERBS_ATTR_QUERY_GID_TABLE_RESP_ENTRIES,
   337                  user_entry_size);
   338          if (max_entries <= 0)
                    ^^^^^^^^^^^^^^^^
size_t is unsigned so negative returns from uverbs_attr_ptr_get_array_size()
are treated as high postives.

   339                  return -EINVAL;
   340  
   341          ucontext = ib_uverbs_get_ucontext(attrs);
   342          if (IS_ERR(ucontext))
   343                  return PTR_ERR(ucontext);
   344          ib_dev = ucontext->device;
   345  
   346          if (check_mul_overflow(max_entries, sizeof(*entries), &num_bytes))
   347                  return -EINVAL;
   348  
   349          entries = uverbs_zalloc(attrs, num_bytes);
   350          if (!entries)
   351                  return -ENOMEM;
   352  

regards,
dan carpenter

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2020-10-22 13:40 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-22 13:38 [bug report] RDMA/uverbs: Expose the new GID query API to user space Dan Carpenter

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).