Re: [PATCH next] ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Simon.

On 07.03.23 09:42, Simon Horman wrote:
On Mon, Mar 06, 2023 at 11:18:24AM -0800, Harshit Mogalapalli wrote:
mac_len is of type unsigned, which can never be less than zero.

	mac_len = ieee802154_hdr_peek_addrs(skb, &header);
	if (mac_len < 0)
		return mac_len;

Change this to type int as ieee802154_hdr_peek_addrs() can return negative
integers, this is found by static analysis with smatch.

Fixes: ded845a781a5 ("ieee802154: Add CA8210 IEEE 802.15.4 device driver")
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@xxxxxxxxxx>

I discussed this briefly with Harshit offline.

The commit referenced above tag does add the call to
ieee802154_hdr_peek_addrs(), an there is a sign miss match between
the return value and the variable.

The code to check the mac_len was added more recently, by the following
commit. However the fixes tag is probably fine as-is, because it's fixing
error handling of a call made in that commit.

6c993779ea1d ("ca8210: fix mac_len negative array access")

Reviewed-by: Simon Horman <simon.horman@xxxxxxxxxxxx>

I agree that the commit above is the better Fixes tag as it makes clear it only comes after this change. I amended the commit message accordingly when applying this to wpan.

regards
Stefan Schmidt



[Index of Archives]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Linux Audio Users]     [Photo]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux