Re: [patch] netiucv: silence an underflow warning

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Ursula Braun <ubraun@linux.vnet.ibm.com>
To: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>,
	Heiko Carstens <heiko.carstens@de.ibm.com>,
	linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
	kernel-janitors@vger.kernel.org
Subject: Re: [patch] netiucv: silence an underflow warning
Date: Fri, 15 Jul 2016 07:11:58 +0000	[thread overview]
Message-ID: <57888CBE.9050002@linux.vnet.ibm.com> (raw)
In-Reply-To: <20160714113016.GJ18175@mwanda>

Hi Dan,

thanks for reporting this netiucv-problem. There is an implication: 
Without fix, buffer values between 2**31 and 2**32 are not detected as 
invalid values. Your fix would help, but since we have to touch the 
code, I suggest to modernize it, moving from simple_strtoul() to 
kstrtouint(). This would be the patch I have in mind:

--- a/drivers/s390/net/netiucv.c
+++ b/drivers/s390/net/netiucv.c
@@ -1564,21 +1564,21 @@ static ssize_t buffer_write (struct devi
  {
  	struct netiucv_priv *priv = dev_get_drvdata(dev);
  	struct net_device *ndev = priv->conn->netdev;
-	char         *e;
-	int          bs1;
+	unsigned int bs1;
+	int rc;

  	IUCV_DBF_TEXT(trace, 3, __func__);
  	if (count >= 39)
  		return -EINVAL;

-	bs1 = simple_strtoul(buf, &e, 0);
+	rc = kstrtouint(buf, 0, &bs1);

-	if (e && (!isspace(*e))) {
-		IUCV_DBF_TEXT_(setup, 2, "buffer_write: invalid char %02x\n",
-			*e);
+	if (rc = -EINVAL) {
+		IUCV_DBF_TEXT_(setup, 2, "buffer_write: invalid char %s\n",
+			buf);
  		return -EINVAL;
  	}
-	if (bs1 > NETIUCV_BUFSIZE_MAX) {
+	if ((rc = -ERANGE) || (bs1 > NETIUCV_BUFSIZE_MAX)) {
  		IUCV_DBF_TEXT_(setup, 2,
  			"buffer_write: buffer size %d too large\n",
  			bs1);

And a question about your static checker detecting this problem: Is it a 
private checker, or something we could use as well?
Does your checker like my patch version?

Thanks, Ursula

On 07/14/2016 01:30 PM, Dan Carpenter wrote:
> I haven't looked at the implications but we accidentally allow bs1 to
> be negative.  It makes my static checker complain.
>
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> diff --git a/drivers/s390/net/netiucv.c b/drivers/s390/net/netiucv.c
> index b0e8ffd..85a5744 100644
> --- a/drivers/s390/net/netiucv.c
> +++ b/drivers/s390/net/netiucv.c
> @@ -1578,7 +1578,7 @@ static ssize_t buffer_write (struct device *dev, struct device_attribute *attr,
>   			*e);
>   		return -EINVAL;
>   	}
> -	if (bs1 > NETIUCV_BUFSIZE_MAX) {
> +	if (bs1 < 0 || bs1 > NETIUCV_BUFSIZE_MAX) {
>   		IUCV_DBF_TEXT_(setup, 2,
>   			"buffer_write: buffer size %d too large\n",
>   			bs1);
>

WARNING: multiple messages have this Message-ID (diff)

From: Ursula Braun <ubraun@linux.vnet.ibm.com>
To: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>,
	Heiko Carstens <heiko.carstens@de.ibm.com>,
	linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
	kernel-janitors@vger.kernel.org
Subject: Re: [patch] netiucv: silence an underflow warning
Date: Fri, 15 Jul 2016 09:11:58 +0200	[thread overview]
Message-ID: <57888CBE.9050002@linux.vnet.ibm.com> (raw)
In-Reply-To: <20160714113016.GJ18175@mwanda>

Hi Dan,

thanks for reporting this netiucv-problem. There is an implication: 
Without fix, buffer values between 2**31 and 2**32 are not detected as 
invalid values. Your fix would help, but since we have to touch the 
code, I suggest to modernize it, moving from simple_strtoul() to 
kstrtouint(). This would be the patch I have in mind:

--- a/drivers/s390/net/netiucv.c
+++ b/drivers/s390/net/netiucv.c
@@ -1564,21 +1564,21 @@ static ssize_t buffer_write (struct devi
  {
  	struct netiucv_priv *priv = dev_get_drvdata(dev);
  	struct net_device *ndev = priv->conn->netdev;
-	char         *e;
-	int          bs1;
+	unsigned int bs1;
+	int rc;

  	IUCV_DBF_TEXT(trace, 3, __func__);
  	if (count >= 39)
  		return -EINVAL;

-	bs1 = simple_strtoul(buf, &e, 0);
+	rc = kstrtouint(buf, 0, &bs1);

-	if (e && (!isspace(*e))) {
-		IUCV_DBF_TEXT_(setup, 2, "buffer_write: invalid char %02x\n",
-			*e);
+	if (rc == -EINVAL) {
+		IUCV_DBF_TEXT_(setup, 2, "buffer_write: invalid char %s\n",
+			buf);
  		return -EINVAL;
  	}
-	if (bs1 > NETIUCV_BUFSIZE_MAX) {
+	if ((rc == -ERANGE) || (bs1 > NETIUCV_BUFSIZE_MAX)) {
  		IUCV_DBF_TEXT_(setup, 2,
  			"buffer_write: buffer size %d too large\n",
  			bs1);

And a question about your static checker detecting this problem: Is it a 
private checker, or something we could use as well?
Does your checker like my patch version?

Thanks, Ursula

On 07/14/2016 01:30 PM, Dan Carpenter wrote:
> I haven't looked at the implications but we accidentally allow bs1 to
> be negative.  It makes my static checker complain.
>
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> diff --git a/drivers/s390/net/netiucv.c b/drivers/s390/net/netiucv.c
> index b0e8ffd..85a5744 100644
> --- a/drivers/s390/net/netiucv.c
> +++ b/drivers/s390/net/netiucv.c
> @@ -1578,7 +1578,7 @@ static ssize_t buffer_write (struct device *dev, struct device_attribute *attr,
>   			*e);
>   		return -EINVAL;
>   	}
> -	if (bs1 > NETIUCV_BUFSIZE_MAX) {
> +	if (bs1 < 0 || bs1 > NETIUCV_BUFSIZE_MAX) {
>   		IUCV_DBF_TEXT_(setup, 2,
>   			"buffer_write: buffer size %d too large\n",
>   			bs1);
>

next prev parent reply	other threads:[~2016-07-15  7:11 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-07-14 11:30 [patch] netiucv: silence an underflow warning Dan Carpenter
2016-07-14 11:30 ` Dan Carpenter
2016-07-15  7:11 ` Ursula Braun [this message]
2016-07-15  7:11   ` Ursula Braun
2016-07-15  8:33   ` Dan Carpenter
2016-07-15  8:33     ` Dan Carpenter

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=57888CBE.9050002@linux.vnet.ibm.com \
    --to=ubraun@linux.vnet.ibm.com \
    --cc=dan.carpenter@oracle.com \
    --cc=heiko.carstens@de.ibm.com \
    --cc=kernel-janitors@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-s390@vger.kernel.org \
    --cc=schwidefsky@de.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.