This code causes a static checker warning because it's a user controlled
variable where we cap the upper bound but not the lower bound. Let's
return an -EINVAL for negative timeouts.
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
---
v2: in the original I just ignored the invalid data and went with the
default but now it returns -EINVAL.
diff --git a/fs/ncpfs/ioctl.c b/fs/ncpfs/ioctl.c
index 79b1130..ebf45d2 100644
--- a/fs/ncpfs/ioctl.c
+++ b/fs/ncpfs/ioctl.c
@@ -525,7 +525,9 @@ static long __ncp_ioctl(struct inode *inode, unsigned int cmd, unsigned long arg
switch (rqdata.cmd) {
case NCP_LOCK_EX:
case NCP_LOCK_SH:
- if (rqdata.timeout == 0)
+ if (rqdata.timeout < 0)
+ return -EINVAL;
+ else if (rqdata.timeout == 0)
rqdata.timeout = NCP_LOCK_DEFAULT_TIMEOUT;
else if (rqdata.timeout > NCP_LOCK_MAX_TIMEOUT)
rqdata.timeout = NCP_LOCK_MAX_TIMEOUT;
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
