Re: [PATCH] scsi: integer overflow in megadev_ioctl()

From: Levente Kurusa
Date: Fri Dec 13 2013 - 12:02:13 EST

Next message: SÃren Brinkmann: "Re: [PATCH v3 1/2] mmc: arasan: Add driver for Arasan SDHCI"
Previous message: Gordan Bobic: "Re: [RFC PATCH] Xen PCI back - do slot and bus reset (v0)."
In reply to: Yu Chen: "[PATCH] scsi: integer overflow in megadev_ioctl()"
Next in thread: Yu Chen: "Re: [PATCH] scsi: integer overflow in megadev_ioctl()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On 12/13/2013 05:55 PM, Yu Chen wrote:
> drivers/scsi/megaraid.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/scsi/megaraid.c b/drivers/scsi/megaraid.c
> index 816db12..41bbc21 100644
> --- a/drivers/scsi/megaraid.c
> +++ b/drivers/scsi/megaraid.c
> @@ -3113,7 +3113,8 @@ megadev_ioctl(struct file *filep, unsigned int
> cmd, unsigned long arg)
> /*
> * Which adapter
> */
> - if( (adapno = GETADAP(uioc.adapno)) >= hba_count )
> + adapno = GETADAP(uioc.adapno);
> + if( adapno >= hba_count || adapno < 0 )
> return (-ENODEV);

Wouldn't returning -EINVAL be better? For hba_count I understand that
-ENODEV is returned but for adapno being a passed variable, I would
suggest returning -EINVAL.

--
Regards,
Levente Kurusa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: SÃren Brinkmann: "Re: [PATCH v3 1/2] mmc: arasan: Add driver for Arasan SDHCI"
Previous message: Gordan Bobic: "Re: [RFC PATCH] Xen PCI back - do slot and bus reset (v0)."
In reply to: Yu Chen: "[PATCH] scsi: integer overflow in megadev_ioctl()"
Next in thread: Yu Chen: "Re: [PATCH] scsi: integer overflow in megadev_ioctl()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]