diff mbox series

Bluetooth: qca: Fix error code in qca_read_fw_build_info()

Message ID 515be96c-4c44-44d5-891f-fe57275e9f47@moroto.mountain
State Accepted
Commit 0ae8d9b9ea1e2cc94688114b373ca3e4dbe0c032
Headers show
Series Bluetooth: qca: Fix error code in qca_read_fw_build_info() | expand

Commit Message

Dan Carpenter May 4, 2024, 11:25 a.m. UTC
Return -ENOMEM on allocation failure.  Don't return success.

Fixes: cfc2a7747108 ("Bluetooth: qca: fix info leak when fetching fw build id")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
---
 drivers/bluetooth/btqca.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

bluez.test.bot@gmail.com May 4, 2024, 11:55 a.m. UTC | #1
This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=850445

---Test result---

Test Summary:
CheckPatch                    PASS      0.52 seconds
GitLint                       PASS      0.22 seconds
SubjectPrefix                 PASS      0.07 seconds
BuildKernel                   PASS      29.88 seconds
CheckAllWarning               PASS      32.70 seconds
CheckSparse                   PASS      40.47 seconds
CheckSmatch                   FAIL      35.81 seconds
BuildKernel32                 PASS      28.64 seconds
TestRunnerSetup               PASS      519.33 seconds
TestRunner_l2cap-tester       PASS      20.38 seconds
TestRunner_iso-tester         PASS      32.67 seconds
TestRunner_bnep-tester        PASS      4.84 seconds
TestRunner_mgmt-tester        PASS      108.87 seconds
TestRunner_rfcomm-tester      PASS      7.37 seconds
TestRunner_sco-tester         PASS      15.02 seconds
TestRunner_ioctl-tester       PASS      7.79 seconds
TestRunner_mesh-tester        PASS      5.75 seconds
TestRunner_smp-tester         PASS      6.78 seconds
TestRunner_userchan-tester    PASS      4.91 seconds
IncrementalBuild              PASS      27.36 seconds

Details
##############################
Test: CheckSmatch - FAIL
Desc: Run smatch tool with source
Output:

Segmentation fault (core dumped)
make[4]: *** [scripts/Makefile.build:244: net/bluetooth/hci_core.o] Error 139
make[4]: *** Deleting file 'net/bluetooth/hci_core.o'
make[3]: *** [scripts/Makefile.build:485: net/bluetooth] Error 2
make[2]: *** [scripts/Makefile.build:485: net] Error 2
make[2]: *** Waiting for unfinished jobs....
Segmentation fault (core dumped)
make[4]: *** [scripts/Makefile.build:244: drivers/bluetooth/bcm203x.o] Error 139
make[4]: *** Deleting file 'drivers/bluetooth/bcm203x.o'
make[4]: *** Waiting for unfinished jobs....
Segmentation fault (core dumped)
make[4]: *** [scripts/Makefile.build:244: drivers/bluetooth/bpa10x.o] Error 139
make[4]: *** Deleting file 'drivers/bluetooth/bpa10x.o'
make[3]: *** [scripts/Makefile.build:485: drivers/bluetooth] Error 2
make[2]: *** [scripts/Makefile.build:485: drivers] Error 2
make[1]: *** [/github/workspace/src/src/Makefile:1919: .] Error 2
make: *** [Makefile:240: __sub-make] Error 2


---
Regards,
Linux Bluetooth
Johan Hovold May 6, 2024, 7:49 a.m. UTC | #2
On Sat, May 04, 2024 at 02:25:43PM +0300, Dan Carpenter wrote:
> Return -ENOMEM on allocation failure.  Don't return success.

Thanks, Dan.

Fortunately this error path is never taken due to the small allocation
size, but if it were it would only lead to a debugfs attribute holding
the fw build id not being created.

That said, it should still be fixed of course even this can wait for
6.10-rc1.

> Fixes: cfc2a7747108 ("Bluetooth: qca: fix info leak when fetching fw build id")

This one should also have a matching:

Cc: stable@vger.kernel.org	# 5.12

> Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>

Reviewed-by: Johan Hovold <johan+linaro@kernel.org>

> @@ -136,8 +136,10 @@ static int qca_read_fw_build_info(struct hci_dev *hdev)
>  	}
>  
>  	build_label = kstrndup(&edl->data[1], build_lbl_len, GFP_KERNEL);
> -	if (!build_label)
> +	if (!build_label) {
> +		err = -ENOMEM;
>  		goto out;
> +	}
>  
>  	hci_set_fw_info(hdev, "%s", build_label);

Johan
patchwork-bot+bluetooth@kernel.org May 6, 2024, 5 p.m. UTC | #3
Hello:

This patch was applied to bluetooth/bluetooth-next.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@intel.com>:

On Sat, 4 May 2024 14:25:43 +0300 you wrote:
> Return -ENOMEM on allocation failure.  Don't return success.
> 
> Fixes: cfc2a7747108 ("Bluetooth: qca: fix info leak when fetching fw build id")
> Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
> ---
>  drivers/bluetooth/btqca.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)

Here is the summary with links:
  - Bluetooth: qca: Fix error code in qca_read_fw_build_info()
    https://git.kernel.org/bluetooth/bluetooth-next/c/0ae8d9b9ea1e

You are awesome, thank you!
diff mbox series

Patch

diff --git a/drivers/bluetooth/btqca.c b/drivers/bluetooth/btqca.c
index cc61014ffbc9..3b018ee33725 100644
--- a/drivers/bluetooth/btqca.c
+++ b/drivers/bluetooth/btqca.c
@@ -136,8 +136,10 @@  static int qca_read_fw_build_info(struct hci_dev *hdev)
 	}
 
 	build_label = kstrndup(&edl->data[1], build_lbl_len, GFP_KERNEL);
-	if (!build_label)
+	if (!build_label) {
+		err = -ENOMEM;
 		goto out;
+	}
 
 	hci_set_fw_info(hdev, "%s", build_label);