2022-06-23 13:48:30

by Dan Carpenter

[permalink] [raw]
Subject: [PATCH] pstore/zone: cleanup "rcnt" type

The info->read() function returns ssize_t. That means that info->read()
either returns either negative error codes or a positive number
representing the bytes read.

The "rcnt" variable should be declared as ssize_t as well. Most places
do this correctly but psz_kmsg_recover_meta() needed to be fixed.

This code casts the "rcnt" to int. That is unnecessary when "rcnt"
is already signed. It's also slightly wrong because if info->read()
returned a very high (more than INT_MAX) number of bytes then this might
treat that as an error. This bug cannot happen in real life, so it
doesn't affect run time, but static checkers correctly complain that it
is wrong.

fs/pstore/zone.c:366 psz_kmsg_recover_data() warn: casting 'rcnt' truncates high bits

Signed-off-by: Dan Carpenter <[email protected]>
---
The static checker heuristic in this case is looking at ssize_t
functions which return kernel error codes. It generates very few
warnings. I haven't published it yet but I will.

fs/pstore/zone.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/fs/pstore/zone.c b/fs/pstore/zone.c
index 7c8f8feac6c3..017d0d4ad329 100644
--- a/fs/pstore/zone.c
+++ b/fs/pstore/zone.c
@@ -363,7 +363,7 @@ static int psz_kmsg_recover_data(struct psz_context *cxt)
rcnt = info->read((char *)buf, zone->buffer_size + sizeof(*buf),
zone->off);
if (rcnt != zone->buffer_size + sizeof(*buf))
- return (int)rcnt < 0 ? (int)rcnt : -EIO;
+ return rcnt < 0 ? rcnt : -EIO;
}
return 0;
}
@@ -372,7 +372,7 @@ static int psz_kmsg_recover_meta(struct psz_context *cxt)
{
struct pstore_zone_info *info = cxt->pstore_zone_info;
struct pstore_zone *zone;
- size_t rcnt, len;
+ ssize_t rcnt, len;
struct psz_buffer *buf;
struct psz_kmsg_header *hdr;
struct timespec64 time = { };
@@ -400,7 +400,7 @@ static int psz_kmsg_recover_meta(struct psz_context *cxt)
continue;
} else if (rcnt != len) {
pr_err("read %s with id %lu failed\n", zone->name, i);
- return (int)rcnt < 0 ? (int)rcnt : -EIO;
+ return rcnt < 0 ? rcnt : -EIO;
}

if (buf->sig != zone->buffer->sig) {
@@ -502,7 +502,7 @@ static int psz_recover_zone(struct psz_context *cxt, struct pstore_zone *zone)
rcnt = info->read((char *)&tmpbuf, len, zone->off);
if (rcnt != len) {
pr_debug("read zone %s failed\n", zone->name);
- return (int)rcnt < 0 ? (int)rcnt : -EIO;
+ return rcnt < 0 ? rcnt : -EIO;
}

if (tmpbuf.sig != zone->buffer->sig) {
@@ -544,7 +544,7 @@ static int psz_recover_zone(struct psz_context *cxt, struct pstore_zone *zone)
rcnt = info->read(buf, len - start, off + start);
if (rcnt != len - start) {
pr_err("read zone %s failed\n", zone->name);
- ret = (int)rcnt < 0 ? (int)rcnt : -EIO;
+ ret = rcnt < 0 ? rcnt : -EIO;
goto free_oldbuf;
}

@@ -552,7 +552,7 @@ static int psz_recover_zone(struct psz_context *cxt, struct pstore_zone *zone)
rcnt = info->read(buf + len - start, start, off);
if (rcnt != start) {
pr_err("read zone %s failed\n", zone->name);
- ret = (int)rcnt < 0 ? (int)rcnt : -EIO;
+ ret = rcnt < 0 ? rcnt : -EIO;
goto free_oldbuf;
}

--
2.35.1


2022-06-23 15:55:29

by Kees Cook

[permalink] [raw]
Subject: Re: [PATCH] pstore/zone: cleanup "rcnt" type

On Thu, 23 Jun 2022 16:40:13 +0300, Dan Carpenter wrote:
> The info->read() function returns ssize_t. That means that info->read()
> either returns either negative error codes or a positive number
> representing the bytes read.
>
> The "rcnt" variable should be declared as ssize_t as well. Most places
> do this correctly but psz_kmsg_recover_meta() needed to be fixed.
>
> [...]

Applied to for-next/pstore, thanks!

[1/1] pstore/zone: cleanup "rcnt" type
https://git.kernel.org/kees/c/2c09d1443b9b

--
Kees Cook