[patch v2] ncpfs: don't allow negative timeouts

From: Dan Carpenter
Date: Tue Nov 10 2015 - 17:15:10 EST

Next message: Jerry Hoemann: "Re: [PATCH 3/4] nvdimm: Add IOCTL pass thru"
Previous message: Johannes Weiner: "[PATCH v2] net: tcp_memcontrol: sanitize tcp memory accounting callbacks"
In reply to: Jan Kara: "Re: [patch] ncpfs: don't allow negative timeouts"
Next in thread: Jan Kara: "Re: [patch v2] ncpfs: don't allow negative timeouts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This code causes a static checker warning because it's a user controlled
variable where we cap the upper bound but not the lower bound. Let's
return an -EINVAL for negative timeouts.

Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
---
v2: in the original I just ignored the invalid data and went with the
default but now it returns -EINVAL.

diff --git a/fs/ncpfs/ioctl.c b/fs/ncpfs/ioctl.c
index 79b1130..ebf45d2 100644
--- a/fs/ncpfs/ioctl.c
+++ b/fs/ncpfs/ioctl.c
@@ -525,7 +525,9 @@ static long __ncp_ioctl(struct inode *inode, unsigned int cmd, unsigned long arg
switch (rqdata.cmd) {
case NCP_LOCK_EX:
case NCP_LOCK_SH:
- if (rqdata.timeout == 0)
+ if (rqdata.timeout < 0)
+ return -EINVAL;
+ else if (rqdata.timeout == 0)
rqdata.timeout = NCP_LOCK_DEFAULT_TIMEOUT;
else if (rqdata.timeout > NCP_LOCK_MAX_TIMEOUT)
rqdata.timeout = NCP_LOCK_MAX_TIMEOUT;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jerry Hoemann: "Re: [PATCH 3/4] nvdimm: Add IOCTL pass thru"
Previous message: Johannes Weiner: "[PATCH v2] net: tcp_memcontrol: sanitize tcp memory accounting callbacks"
In reply to: Jan Kara: "Re: [patch] ncpfs: don't allow negative timeouts"
Next in thread: Jan Kara: "Re: [patch v2] ncpfs: don't allow negative timeouts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]