> -----Original Message----- > From: Colin Ian King [mailto:colin.king@xxxxxxxxxxxxx] > Sent: Tuesday, July 31, 2018 2:28 PM > To: Dreyfuss, Haim <haim.dreyfuss@xxxxxxxxx>; David S. Miller > <davem@xxxxxxxxxxxxx>; Johannes Berg <johannes@xxxxxxxxxxxxxxxx>; > netdev@xxxxxxxxxxxxxxx; linux-wireless@xxxxxxxxxxxxxxx > Cc: linux-kernel@xxxxxxxxxxxxxxx > Subject: re: [PATCH] cfg80211: read wmm rules from regulatory database > > Hi Haim, > > I think there may be an issue with the commit: > > From 230ebaa189af44d50dccb4a1846e39ca594e347b Mon Sep 17 00:00:00 > 2001 > From: Haim Dreyfuss <haim.dreyfuss@xxxxxxxxx> > Date: Wed, 28 Mar 2018 13:24:09 +0300 > Subject: [PATCH] cfg80211: read wmm rules from regulatory database > > specifically in function: reg_copy_regd() > > + for (i = 0; i < src_regd->n_reg_rules; i++) { > memcpy(®d->reg_rules[i], &src_regd->reg_rules[i], > sizeof(struct ieee80211_reg_rule)); > + if (!src_regd->reg_rules[i].wmm_rule) > + continue; > > + regd->reg_rules[i].wmm_rule = d_wmm + > + (src_regd->reg_rules[i].wmm_rule - s_wmm) / > + sizeof(struct ieee80211_wmm_rule); > + } > > The pointer arithmetic (src_regd->reg_rules[i].wmm_rule - s_wmm) is > performed in terms of the size of struct ieee80211_wmm_rule and not in > bytes and I believe that the division by sizeof(struct > ieee80211_wmm_rule) is not required. > > This issue was detected by static analysis with Coverity Scan, > CID#1467451 ("Extra sizeof expression"), 'suspicious_division' > > I'm not 100% sure that is this a false positive or not, but I think it looks > incorrect to me. Yeah you're right, this is not false positive. Johannes already fixed that and Luca will probably send it in the coming week. >
