1. Patchew
  2. linux
  3. View series

[PATCH] afs: Fix overwriting of result of DNS query

David Howells posted 1 patch 1 year, 12 months ago
There is a newer version of this series
fs/afs/cell.c |    6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
[PATCH] afs: Fix overwriting of result of DNS query
Posted by David Howells 1 year, 12 months ago 
In afs_update_cell(), ret is the result of the DNS lookup and the errors
are to be handled by a switch - however, the value gets clobbered in
between by setting it to -ENOMEM in case afs_alloc_vlserver_list() fails.

Fix this by moving the setting of -ENOMEM into the error handling for OOM
failure.  Further, only do it if we don't have an alternative error to
return.

Found by Linux Verification Center (linuxtesting.org) with SVACE.  Based on
a patch from Anastasia Belova[1].

Fixes: d5c32c89b208 ("afs: Fix cell DNS lookup")
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Anastasia Belova <abelova@astralinux.ru>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: linux-afs@lists.infradead.org
cc: lvc-project@linuxtesting.org
Link: https://lore.kernel.org/r/20231221085849.1463-1-abelova@astralinux.ru/ [1]

---
 fs/afs/cell.c |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/fs/afs/cell.c b/fs/afs/cell.c
index 988c2ac7cece..926cb1188eba 100644
--- a/fs/afs/cell.c
+++ b/fs/afs/cell.c
@@ -409,10 +409,12 @@ static int afs_update_cell(struct afs_cell *cell)
 		if (ret == -ENOMEM)
 			goto out_wake;
 
-		ret = -ENOMEM;
 		vllist = afs_alloc_vlserver_list(0);
-		if (!vllist)
+		if (!vllist) {
+			if (ret >= 0)
+				ret = -ENOMEM;
 			goto out_wake;
+		}
 
 		switch (ret) {
 		case -ENODATA:
Re: [PATCH] afs: Fix overwriting of result of DNS query
Posted by Jeffrey E Altman 1 year, 12 months ago 
On 12/21/2023 9:23 AM, David Howells wrote:
> In afs_update_cell(), ret is the result of the DNS lookup and the errors
> are to be handled by a switch - however, the value gets clobbered in
> between by setting it to -ENOMEM in case afs_alloc_vlserver_list() fails.
>
> Fix this by moving the setting of -ENOMEM into the error handling for OOM
> failure.  Further, only do it if we don't have an alternative error to
> return.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.  Based on
> a patch from Anastasia Belova[1].
>
> Fixes: d5c32c89b208 ("afs: Fix cell DNS lookup")
> Signed-off-by: David Howells<dhowells@redhat.com>
> cc: Anastasia Belova<abelova@astralinux.ru>
> cc: Marc Dionne<marc.dionne@auristor.com>
> cc:linux-afs@lists.infradead.org
> cc:lvc-project@linuxtesting.org
> Link:https://lore.kernel.org/r/20231221085849.1463-1-abelova@astralinux.ru/  [1]
>
> ---
>   fs/afs/cell.c |    6 ++++--
>   1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/fs/afs/cell.c b/fs/afs/cell.c
> index 988c2ac7cece..926cb1188eba 100644
> --- a/fs/afs/cell.c
> +++ b/fs/afs/cell.c
> @@ -409,10 +409,12 @@ static int afs_update_cell(struct afs_cell *cell)
>   		if (ret == -ENOMEM)
>   			goto out_wake;
>   
> -		ret = -ENOMEM;
>   		vllist = afs_alloc_vlserver_list(0);
> -		if (!vllist)
> +		if (!vllist) {
> +			if (ret >= 0)
> +				ret = -ENOMEM;
>   			goto out_wake;
> +		}
>   
>   		switch (ret) {
>   		case -ENODATA:
>
Reviewed-by: Jeffrey Altman <jaltman@auristor.com>
Re: [PATCH] afs: Fix overwriting of result of DNS query
Posted by Jeffrey E Altman 1 year, 12 months ago 
On 12/21/2023 9:23 AM, David Howells wrote:
> In afs_update_cell(), ret is the result of the DNS lookup and the errors
> are to be handled by a switch - however, the value gets clobbered in
> between by setting it to -ENOMEM in case afs_alloc_vlserver_list() fails.
>
> Fix this by moving the setting of -ENOMEM into the error handling for OOM
> failure.  Further, only do it if we don't have an alternative error to
> return.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.  Based on
> a patch from Anastasia Belova[1].
>
> Fixes: d5c32c89b208 ("afs: Fix cell DNS lookup")
> Signed-off-by: David Howells<dhowells@redhat.com>
> cc: Anastasia Belova<abelova@astralinux.ru>
> cc: Marc Dionne<marc.dionne@auristor.com>
> cc:linux-afs@lists.infradead.org
> cc:lvc-project@linuxtesting.org
> Link:https://lore.kernel.org/r/20231221085849.1463-1-abelova@astralinux.ru/  [1]
>
> ---
>   fs/afs/cell.c |    6 ++++--
>   1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/fs/afs/cell.c b/fs/afs/cell.c
> index 988c2ac7cece..926cb1188eba 100644
> --- a/fs/afs/cell.c
> +++ b/fs/afs/cell.c
> @@ -409,10 +409,12 @@ static int afs_update_cell(struct afs_cell *cell)
>   		if (ret == -ENOMEM)
>   			goto out_wake;
>   
> -		ret = -ENOMEM;
>   		vllist = afs_alloc_vlserver_list(0);
> -		if (!vllist)
> +		if (!vllist) {
> +			if (ret >= 0)
> +				ret = -ENOMEM;
>   			goto out_wake;
> +		}
>   
>   		switch (ret) {
>   		case -ENODATA:
>
Reviewed-by: Jeffrey Altman <jaltman@auristor.com>

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.