2021-09-19 3:51 GMT+09:00, kernel test robot <lkp@xxxxxxxxx>: > Hi Namjae, Hi, I will fix it, Thanks for your report! > > I love your patch! Perhaps something to improve: > > [auto build test WARNING on linus/master] > [also build test WARNING on v5.15-rc1 next-20210917] > [If your patch is applied to the wrong git tree, kindly drop us a note. > And when submitting patch, we suggest to use '--base' as documented in > https://git-scm.com/docs/git-format-patch] > > url: > https://github.com/0day-ci/linux/commits/Namjae-Jeon/ksmbd-add-request-buffer-validation-in-smb2_set_info/20210918-174717 > base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git > 4357f03d6611753936e4d52fc251b54a6afb1b54 > config: hexagon-randconfig-r022-20210918 (attached as .config) > compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project > c8b3d7d6d6de37af68b2f379d0e37304f78e115f) > reproduce (this is a W=1 build): > wget > https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O > ~/bin/make.cross > chmod +x ~/bin/make.cross > # > https://github.com/0day-ci/linux/commit/57e7ede2bf2d38cb0f368f2fc54d646168b3d119 > git remote add linux-review https://github.com/0day-ci/linux > git fetch --no-tags linux-review > Namjae-Jeon/ksmbd-add-request-buffer-validation-in-smb2_set_info/20210918-174717 > git checkout 57e7ede2bf2d38cb0f368f2fc54d646168b3d119 > # save the attached .config to linux build tree > COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 > ARCH=hexagon > > If you fix the issue, kindly add following tag as appropriate > Reported-by: kernel test robot <lkp@xxxxxxxxx> > > All warnings (new ones prefixed by >>): > >>> fs/ksmbd/smb2pdu.c:7037:6: warning: variable 'ret' is used uninitialized >>> whenever 'if' condition is true [-Wsometimes-uninitialized] > if (chunk_count == 0) > ^~~~~~~~~~~~~~~~ > fs/ksmbd/smb2pdu.c:7120:9: note: uninitialized use occurs here > return ret; > ^~~ > fs/ksmbd/smb2pdu.c:7037:2: note: remove the 'if' if its condition is > always false > if (chunk_count == 0) > ^~~~~~~~~~~~~~~~~~~~~ > fs/ksmbd/smb2pdu.c:7020:9: note: initialize the variable 'ret' to silence > this warning > int ret, cnt_code; > ^ > = 0 > 1 warning generated. > > > vim +7037 fs/ksmbd/smb2pdu.c > > 7009 > 7010 static int fsctl_copychunk(struct ksmbd_work *work, struct > smb2_ioctl_req *req, > 7011 struct smb2_ioctl_rsp *rsp) > 7012 { > 7013 struct copychunk_ioctl_req *ci_req; > 7014 struct copychunk_ioctl_rsp *ci_rsp; > 7015 struct ksmbd_file *src_fp = NULL, *dst_fp = NULL; > 7016 struct srv_copychunk *chunks; > 7017 unsigned int i, chunk_count, chunk_count_written = 0; > 7018 unsigned int chunk_size_written = 0; > 7019 loff_t total_size_written = 0; > 7020 int ret, cnt_code; > 7021 > 7022 cnt_code = le32_to_cpu(req->CntCode); > 7023 ci_req = (struct copychunk_ioctl_req *)&req->Buffer[0]; > 7024 ci_rsp = (struct copychunk_ioctl_rsp *)&rsp->Buffer[0]; > 7025 > 7026 rsp->VolatileFileId = req->VolatileFileId; > 7027 rsp->PersistentFileId = req->PersistentFileId; > 7028 ci_rsp->ChunksWritten = > 7029 cpu_to_le32(ksmbd_server_side_copy_max_chunk_count()); > 7030 ci_rsp->ChunkBytesWritten = > 7031 cpu_to_le32(ksmbd_server_side_copy_max_chunk_size()); > 7032 ci_rsp->TotalBytesWritten = > 7033 cpu_to_le32(ksmbd_server_side_copy_max_total_size()); > 7034 > 7035 chunks = (struct srv_copychunk *)&ci_req->Chunks[0]; > 7036 chunk_count = le32_to_cpu(ci_req->ChunkCount); >> 7037 if (chunk_count == 0) > 7038 goto out; > 7039 total_size_written = 0; > 7040 > 7041 /* verify the SRV_COPYCHUNK_COPY packet */ > 7042 if (chunk_count > ksmbd_server_side_copy_max_chunk_count() || > 7043 le32_to_cpu(req->InputCount) < > 7044 offsetof(struct copychunk_ioctl_req, Chunks) + > 7045 chunk_count * sizeof(struct srv_copychunk)) { > 7046 rsp->hdr.Status = STATUS_INVALID_PARAMETER; > 7047 return -EINVAL; > 7048 } > 7049 > 7050 for (i = 0; i < chunk_count; i++) { > 7051 if (le32_to_cpu(chunks[i].Length) == 0 || > 7052 le32_to_cpu(chunks[i].Length) > > ksmbd_server_side_copy_max_chunk_size()) > 7053 break; > 7054 total_size_written += le32_to_cpu(chunks[i].Length); > 7055 } > 7056 > 7057 if (i < chunk_count || > 7058 total_size_written > ksmbd_server_side_copy_max_total_size()) { > 7059 rsp->hdr.Status = STATUS_INVALID_PARAMETER; > 7060 return -EINVAL; > 7061 } > 7062 > 7063 src_fp = ksmbd_lookup_foreign_fd(work, > 7064 le64_to_cpu(ci_req->ResumeKey[0])); > 7065 dst_fp = ksmbd_lookup_fd_slow(work, > 7066 le64_to_cpu(req->VolatileFileId), > 7067 le64_to_cpu(req->PersistentFileId)); > 7068 ret = -EINVAL; > 7069 if (!src_fp || > 7070 src_fp->persistent_id != le64_to_cpu(ci_req->ResumeKey[1])) { > 7071 rsp->hdr.Status = STATUS_OBJECT_NAME_NOT_FOUND; > 7072 goto out; > 7073 } > 7074 > 7075 if (!dst_fp) { > 7076 rsp->hdr.Status = STATUS_FILE_CLOSED; > 7077 goto out; > 7078 } > 7079 > 7080 /* > 7081 * FILE_READ_DATA should only be included in > 7082 * the FSCTL_COPYCHUNK case > 7083 */ > 7084 if (cnt_code == FSCTL_COPYCHUNK && > 7085 !(dst_fp->daccess & (FILE_READ_DATA_LE | FILE_GENERIC_READ_LE))) > { > 7086 rsp->hdr.Status = STATUS_ACCESS_DENIED; > 7087 goto out; > 7088 } > 7089 > 7090 ret = ksmbd_vfs_copy_file_ranges(work, src_fp, dst_fp, > 7091 chunks, chunk_count, > 7092 &chunk_count_written, > 7093 &chunk_size_written, > 7094 &total_size_written); > 7095 if (ret < 0) { > 7096 if (ret == -EACCES) > 7097 rsp->hdr.Status = STATUS_ACCESS_DENIED; > 7098 if (ret == -EAGAIN) > 7099 rsp->hdr.Status = STATUS_FILE_LOCK_CONFLICT; > 7100 else if (ret == -EBADF) > 7101 rsp->hdr.Status = STATUS_INVALID_HANDLE; > 7102 else if (ret == -EFBIG || ret == -ENOSPC) > 7103 rsp->hdr.Status = STATUS_DISK_FULL; > 7104 else if (ret == -EINVAL) > 7105 rsp->hdr.Status = STATUS_INVALID_PARAMETER; > 7106 else if (ret == -EISDIR) > 7107 rsp->hdr.Status = STATUS_FILE_IS_A_DIRECTORY; > 7108 else if (ret == -E2BIG) > 7109 rsp->hdr.Status = STATUS_INVALID_VIEW_SIZE; > 7110 else > 7111 rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR; > 7112 } > 7113 > 7114 ci_rsp->ChunksWritten = cpu_to_le32(chunk_count_written); > 7115 ci_rsp->ChunkBytesWritten = cpu_to_le32(chunk_size_written); > 7116 ci_rsp->TotalBytesWritten = cpu_to_le32(total_size_written); > 7117 out: > 7118 ksmbd_fd_put(work, src_fp); > 7119 ksmbd_fd_put(work, dst_fp); > 7120 return ret; > 7121 } > 7122 > > --- > 0-DAY CI Kernel Test Service, Intel Corporation > https://lists.01.org/hyperkitty/list/kbuild-all@xxxxxxxxxxxx >
