Re: [PATCH] net/ncsi: prevent a couple array underflows

2018-05-17 Thread David Miller 
From: Dan Carpenter 
Date: Thu, 17 May 2018 15:33:36 +0300

> We recently refactored this code and introduced a static checker
> warning.  Smatch complains that if cmd->index is zero then we would
> underflow the arrays.  That's obviously true.
> 
> The question is whether we prevent cmd->index from being zero at a
> different level.  I've looked at the code and I don't immediately see
> a check for that.
> 
> Fixes: 062b3e1b6d4f ("net/ncsi: Refactor MAC, VLAN filters")
> Signed-off-by: Dan Carpenter 

Applied to net-next, thanks Dan.

[PATCH] net/ncsi: prevent a couple array underflows

2018-05-17 Thread Dan Carpenter 
We recently refactored this code and introduced a static checker
warning.  Smatch complains that if cmd->index is zero then we would
underflow the arrays.  That's obviously true.

The question is whether we prevent cmd->index from being zero at a
different level.  I've looked at the code and I don't immediately see
a check for that.

Fixes: 062b3e1b6d4f ("net/ncsi: Refactor MAC, VLAN filters")
Signed-off-by: Dan Carpenter 

diff --git a/net/ncsi/ncsi-rsp.c b/net/ncsi/ncsi-rsp.c
index ce9497966ebe..a6b7c7d5c829 100644
--- a/net/ncsi/ncsi-rsp.c
+++ b/net/ncsi/ncsi-rsp.c
@@ -347,7 +347,7 @@ static int ncsi_rsp_handler_svf(struct ncsi_request *nr)
 
cmd = (struct ncsi_cmd_svf_pkt *)skb_network_header(nr->cmd);
ncf = >vlan_filter;
-   if (cmd->index > ncf->n_vids)
+   if (cmd->index == 0 || cmd->index > ncf->n_vids)
return -ERANGE;
 
/* Add or remove the VLAN filter. Remember HW indexes from 1 */
@@ -445,7 +445,8 @@ static int ncsi_rsp_handler_sma(struct ncsi_request *nr)
ncf = >mac_filter;
bitmap = >bitmap;
 
-   if (cmd->index > ncf->n_uc + ncf->n_mc + ncf->n_mixed)
+   if (cmd->index == 0 ||
+   cmd->index > ncf->n_uc + ncf->n_mc + ncf->n_mixed)
return -ERANGE;
 
index = (cmd->index - 1) * ETH_ALEN;