* [bug report] libnvdimm: clear the internal poison_list when clearing badblocks
@ 2017-10-26 10:29 Dan Carpenter
2017-10-26 21:54 ` Dan Williams
0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2017-10-26 10:29 UTC (permalink / raw)
To: vishal.l.verma; +Cc: linux-nvdimm
Hello Vishal Verma,
The patch e046114af5fc: "libnvdimm: clear the internal poison_list
when clearing badblocks" from Sep 30, 2016, leads to the following
static checker warning:
drivers/nvdimm/core.c:601 nvdimm_forget_poison()
warn: potential integer overflow from user 'start + len'
drivers/nvdimm/core.c
597  void nvdimm_forget_poison(struct nvdimm_bus *nvdimm_bus, phys_addr_t start,
598                  unsigned int len)
599  {
600          struct list_head *poison_list = &nvdimm_bus->poison_list;
601          u64 clr_end = start + len - 1;
                           ^^^^^^^^^^^
These come from the __nd_ioctl() and it looks like they haven't been
checked before we call this function. It's hard for me to read this
function well enough that I can say for sure the overflow is harmless.
Please review?
602          struct nd_poison *pl, *next;
603
604          spin_lock(&nvdimm_bus->poison_lock);
605          WARN_ON_ONCE(list_empty(poison_list));
606
607          /*
608           * [start, clr_end] is the poison interval being cleared.
609           * [pl->start, pl_end] is the poison_list entry we're comparing
610           * the above interval against. The poison list entry may need
611           * to be modified (update either start or length), deleted, or
612           * split into two based on the overlap characteristics
613           */
614
615          list_for_each_entry_safe(pl, next, poison_list, list) {
616                  u64 pl_end = pl->start + pl->length - 1;
617
618                  /* Skip intervals with no intersection */
619                  if (pl_end < start)
620                          continue;
621                  if (pl->start > clr_end)
622                          continue;
623                  /* Delete completely overlapped poison entries */
624                  if ((pl->start >= start) && (pl_end <= clr_end)) {
625                          list_del(&pl->list);
regards,
dan carpenter
_______________________________________________
Linux-nvdimm mailing list
Linux-nvdimm@lists.01.org
https://lists.01.org/mailman/listinfo/linux-nvdimm
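Added example (not part of either message, and not the kernel's code): a userspace C model of the arithmetic on line 601 and the comparisons on lines 616-624 of the excerpt, next to a checked variant that rejects a wrapping range. It assumes a 64-bit phys_addr_t modeled as uint64_t; the helper names and sample values are constructed, and the thread does not establish whether such values can reach nvdimm_forget_poison().

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

enum overlap { NO_OVERLAP, FULL_OVERLAP, PARTIAL_OVERLAP };

/* Same expression as line 601 of the excerpt; wraps modulo 2^64. */
static uint64_t clr_end_unchecked(uint64_t start, unsigned int len)
{
	return start + len - 1;
}

/* Checked form: refuse an empty range or one whose inclusive end wraps. */
static bool clr_end_checked(uint64_t start, unsigned int len, uint64_t *end)
{
	if (len == 0 || start > UINT64_MAX - (len - 1))
		return false;
	*end = start + (len - 1);
	return true;
}

/* The comparisons from lines 616-624 of the excerpt, for one list entry. */
static enum overlap classify(uint64_t pl_start, uint64_t pl_length,
			     uint64_t start, uint64_t clr_end)
{
	uint64_t pl_end = pl_start + pl_length - 1;

	if (pl_end < start || pl_start > clr_end)
		return NO_OVERLAP;
	if (pl_start >= start && pl_end <= clr_end)
		return FULL_OVERLAP;
	return PARTIAL_OVERLAP;
}

int main(void)
{
	/* Constructed values, not taken from the report. */
	uint64_t start = 0xffffffffffffff00ULL, end = 0;
	unsigned int len = 0x200;
	uint64_t wrapped = clr_end_unchecked(start, len);

	printf("unchecked clr_end = %#llx\n", (unsigned long long)wrapped);
	/* An entry inside the requested range is skipped once clr_end wraps. */
	printf("entry at start+0x80: %s\n",
	       classify(start + 0x80, 0x10, start, wrapped) == NO_OVERLAP ?
	       "skipped" : "matched");
	printf("checked form accepts: %d\n", clr_end_checked(start, len, &end));
	return 0;
}
```

With a wrapped clr_end the "pl->start > clr_end" test is true for an entry that lies inside the requested range, so the loop would pass over it; the checked form reports the range as invalid before any comparison is made.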
* Re: [bug report] libnvdimm: clear the internal poison_list when clearing badblocks
2017-10-26 10:29 [bug report] libnvdimm: clear the internal poison_list when clearing badblocks Dan Carpenter
@ 2017-10-26 21:54 ` Dan Williams
0 siblings, 0 replies; 2+ messages in thread
From: Dan Williams @ 2017-10-26 21:54 UTC (permalink / raw)
To: Dan Carpenter; +Cc: linux-nvdimm
On Thu, Oct 26, 2017 at 3:29 AM, Dan Carpenter <dan.carpenter@oracle.com> wrote:
> Hello Vishal Verma,
>
> The patch e046114af5fc: "libnvdimm: clear the internal poison_list
> when clearing badblocks" from Sep 30, 2016, leads to the following
> static checker warning:
Thanks for the report Dan, we'll take a look.