Re: [PATCH] powerpc/rtas_flash: fix a potential buffer overflow

From: kernel test robot
Date: Tue Jul 13 2021 - 23:17:43 EST


Hi Yi,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on powerpc/next]
[also build test WARNING on v5.14-rc1 next-20210713]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url: https://github.com/0day-ci/linux/commits/Yi-Zhuang/powerpc-rtas_flash-fix-a-potential-buffer-overflow/20210714-090314
base: https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git next
config: powerpc-allyesconfig (attached as .config)
compiler: powerpc64-linux-gcc (GCC) 9.3.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/546db7a99374dedd110a01801ad4456f56170d4d
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Yi-Zhuang/powerpc-rtas_flash-fix-a-potential-buffer-overflow/20210714-090314
git checkout 546db7a99374dedd110a01801ad4456f56170d4d
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross ARCH=powerpc

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@xxxxxxxxx>

All warnings (new ones prefixed by >>):

arch/powerpc/kernel/rtas_flash.c: In function 'get_validate_flash_msg':
>> arch/powerpc/kernel/rtas_flash.c:472:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
472 | if ((args_buf->update_results >= VALIDATE_CUR_UNKNOWN) ||
| ^~
arch/powerpc/kernel/rtas_flash.c:476:4: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'
476 | if (n >= msglen) {
| ^~


vim +/if +472 arch/powerpc/kernel/rtas_flash.c

^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 464
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 465 static int get_validate_flash_msg(struct rtas_validate_flash_t *args_buf,
a94a14720eaf55 arch/powerpc/kernel/rtas_flash.c Vasant Hegde 2013-05-07 466 char *msg, int msglen)
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 467 {
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 468 int n;
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 469
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 470 if (args_buf->status >= VALIDATE_TMP_UPDATE) {
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 471 n = sprintf(msg, "%d\n", args_buf->update_results);
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 @472 if ((args_buf->update_results >= VALIDATE_CUR_UNKNOWN) ||
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 473 (args_buf->update_results == VALIDATE_TMP_UPDATE))
a94a14720eaf55 arch/powerpc/kernel/rtas_flash.c Vasant Hegde 2013-05-07 474 n += snprintf(msg + n, msglen - n, "%s\n",
a94a14720eaf55 arch/powerpc/kernel/rtas_flash.c Vasant Hegde 2013-05-07 475 args_buf->buf);
546db7a99374de arch/powerpc/kernel/rtas_flash.c Yi Zhuang 2021-07-14 476 if (n >= msglen) {
546db7a99374de arch/powerpc/kernel/rtas_flash.c Yi Zhuang 2021-07-14 477 n = msglen;
546db7a99374de arch/powerpc/kernel/rtas_flash.c Yi Zhuang 2021-07-14 478 printk(KERN_ERR "FLASH: msg too long.\n");
546db7a99374de arch/powerpc/kernel/rtas_flash.c Yi Zhuang 2021-07-14 479 }
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 480 } else {
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 481 n = sprintf(msg, "%d\n", args_buf->status);
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 482 }
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 483 return n;
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 484 }
^1da177e4c3f41 arch/ppc64/kernel/rtas_flash.c Linus Torvalds 2005-04-16 485

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@xxxxxxxxxxxx

Attachment: .config.gz
Description: application/gzip