When the list of head is empty, no error return code of
smc_diag_dump_proto() is assigned.
To fix this bug, rc is assigned with -ENOENT as error return code.
Reported-by: TOTE Robot <[email protected]>
Signed-off-by: Jia-Ju Bai <[email protected]>
---
net/smc/smc_diag.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/smc/smc_diag.c b/net/smc/smc_diag.c
index c952986a6aca..a90889482842 100644
--- a/net/smc/smc_diag.c
+++ b/net/smc/smc_diag.c
@@ -201,8 +201,10 @@ static int smc_diag_dump_proto(struct proto *prot, struct sk_buff *skb,
read_lock(&prot->h.smc_hash->lock);
head = &prot->h.smc_hash->ht;
- if (hlist_empty(head))
+ if (hlist_empty(head)) {
+ rc = -ENOENT;
goto out;
+ }
sk_for_each(sk, head) {
if (!net_eq(sock_net(sk), net))
--
2.17.1
On 05/03/2021 11:13, Jia-Ju Bai wrote:
> When the list of head is empty, no error return code of
> smc_diag_dump_proto() is assigned.
> To fix this bug, rc is assigned with -ENOENT as error return code.
Your change would break smc_diag_dump().
When there are no IPv4 sockets (SMCPROTO_SMC) in the list and -ENOENT
is returned then smc_diag_dump() will not try to dump any IPv6 sockets
(SMCPROTO_SMC6). Returning zero is correct here.
>
> Reported-by: TOTE Robot <[email protected]>
> Signed-off-by: Jia-Ju Bai <[email protected]>
> ---
> net/smc/smc_diag.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/net/smc/smc_diag.c b/net/smc/smc_diag.c
> index c952986a6aca..a90889482842 100644
> --- a/net/smc/smc_diag.c
> +++ b/net/smc/smc_diag.c
> @@ -201,8 +201,10 @@ static int smc_diag_dump_proto(struct proto *prot, struct sk_buff *skb,
>
> read_lock(&prot->h.smc_hash->lock);
> head = &prot->h.smc_hash->ht;
> - if (hlist_empty(head))
> + if (hlist_empty(head)) {
> + rc = -ENOENT;
> goto out;
> + }
>
> sk_for_each(sk, head) {
> if (!net_eq(sock_net(sk), net))
>
--
Karsten
(I'm a dude)