Commit 12fc1d7b authored by Jayachandran C's avatar Jayachandran C Committed by Linus Torvalds

[PATCH] IPMI: fix issues reported by Coverity in ipmi_msghandler.c

While looking to the report by Coverity in ipmi, I came across the
following issue:

The IPMI message handler relies on two defines which are the same -one in
include/linux/ipmi.h
#define IPMI_NUM_CHANNELS 0x10
and one in drivers/char/ipmi/ipmi_msghandler.
#define IPMI_MAX_CHANNELS       16
These are used interchangeably in ipmi_msghandler.c, but since the array
addr->channels[] is of size IPMI_MAX_CHANNELS, I have made a patch that
uses IPMI_MAX_CHANNELS for all the checks for the array index.

NOTE: You could probably remove the line that defines IPMI_NUM_CHANNELS
from ipmi.h, or move IPMI_MAX_CHANNELS to ipmi.h
Signed-off-by: default avatarJayachandran C. <c.jayachandran@gmail.com>
Cc: Corey Minyard <minyard@acm.org>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent db9a369e
...@@ -481,7 +481,7 @@ int ipmi_validate_addr(struct ipmi_addr *addr, int len) ...@@ -481,7 +481,7 @@ int ipmi_validate_addr(struct ipmi_addr *addr, int len)
} }
if ((addr->channel == IPMI_BMC_CHANNEL) if ((addr->channel == IPMI_BMC_CHANNEL)
|| (addr->channel >= IPMI_NUM_CHANNELS) || (addr->channel >= IPMI_MAX_CHANNELS)
|| (addr->channel < 0)) || (addr->channel < 0))
return -EINVAL; return -EINVAL;
...@@ -1321,7 +1321,7 @@ static int i_ipmi_request(ipmi_user_t user, ...@@ -1321,7 +1321,7 @@ static int i_ipmi_request(ipmi_user_t user,
unsigned char ipmb_seq; unsigned char ipmb_seq;
long seqid; long seqid;
if (addr->channel >= IPMI_NUM_CHANNELS) { if (addr->channel >= IPMI_MAX_CHANNELS) {
spin_lock_irqsave(&intf->counter_lock, flags); spin_lock_irqsave(&intf->counter_lock, flags);
intf->sent_invalid_commands++; intf->sent_invalid_commands++;
spin_unlock_irqrestore(&intf->counter_lock, flags); spin_unlock_irqrestore(&intf->counter_lock, flags);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment