On Tue, Nov 01, 2022 at 12:45:01PM -0700, Nicolin Chen wrote:
> On Tue, Oct 25, 2022 at 03:12:23PM -0300, Jason Gunthorpe wrote:
>
> > +static int iommufd_vfio_iommu_get_info(struct iommufd_ctx *ictx,
> > +				       void __user *arg)
>
> > +	if (copy_to_user(arg, &info, minsz))
> > +		rc = -EFAULT;
> > +	rc = 0;
>
> Coverity reports a value overwriting here:
> rc gets -EFAULT first then gets overwritten to 0.

Indeed, it should be

	info.cap_offset = sizeof(info);
	info.argsz = total_cap_size;
	info.flags |= VFIO_IOMMU_INFO_CAPS;
-	if (copy_to_user(arg, &info, minsz))
+	if (copy_to_user(arg, &info, minsz)) {
		rc = -EFAULT;
+		goto out_put;
+	}
	rc = 0;

Jason
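Review bot: the original code returned 0 to userspace even when copy_to_user() failed, because the unconditional `rc = 0;` immediately followed `rc = -EFAULT;`, so the caller of VFIO_IOMMU_GET_INFO would see success while `info` (cap_offset, argsz, flags) was never written to its buffer; the added `goto out_put;` inside the new braces fixes that by leaving rc = -EFAULT and skipping the `rc = 0;`. Two things to confirm in the surrounding function, which this fragment does not show: that the `out_put` label releases whatever the function holds on the success path as well (the name suggests a reference put, and the error path must not leak it), and that nothing between the `copy_to_user()` and `out_put` is still required on the error path. A shorter alternative that avoids the braces and the goto would be to set `rc = 0;` before the copy and write `if (copy_to_user(arg, &info, minsz)) rc = -EFAULT;`, but the posted change is correct as written.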