diff mbox series

[net] tipc: Fix end of loop tests for list_for_each_entry()

Message ID 20220222134311.GA2716@kili (mailing list archive)
State Accepted
Commit a1f8fec4dac8bc7b172b2bdbd881e015261a6322
Delegated to: Netdev Maintainers
Headers show
Series [net] tipc: Fix end of loop tests for list_for_each_entry() | expand

Checks

Context Check Description
netdev/tree_selection success Clearly marked for net
netdev/fixes_present success Fixes tag present in non-next series
netdev/subject_prefix success Link
netdev/cover_letter success Single patches do not need cover letters
netdev/patch_count success Link
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 0 this patch: 0
netdev/cc_maintainers success CCed 8 of 8 maintainers
netdev/build_clang success Errors and warnings before: 0 this patch: 0
netdev/module_param success Was 0 now: 0
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/verify_fixes success Fixes tag looks correct
netdev/build_allmodconfig_warn success Errors and warnings before: 0 this patch: 0
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 16 lines checked
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Dan Carpenter Feb. 22, 2022, 1:43 p.m. UTC 
These tests are supposed to check if the loop exited via a break or not.
However the tests are wrong because if we did not exit via a break then
"p" is not a valid pointer.  In that case, it's the equivalent of
"if (*(u32 *)sr == *last_key) {".  That's going to work most of the time,
but there is a potential for those to be equal.

Fixes: 1593123a6a49 ("tipc: add name table dump to new netlink api")
Fixes: 1a1a143daf84 ("tipc: add publication dump to new netlink api")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
---
 net/tipc/name_table.c | 2 +-
 net/tipc/socket.c     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comments

patchwork-bot+netdevbpf@kernel.org Feb. 23, 2022, 12:40 p.m. UTC | #1 
Hello:

This patch was applied to netdev/net.git (master)
by David S. Miller <davem@davemloft.net>:

On Tue, 22 Feb 2022 16:43:12 +0300 you wrote:
> These tests are supposed to check if the loop exited via a break or not.
> However the tests are wrong because if we did not exit via a break then
> "p" is not a valid pointer.  In that case, it's the equivalent of
> "if (*(u32 *)sr == *last_key) {".  That's going to work most of the time,
> but there is a potential for those to be equal.
> 
> Fixes: 1593123a6a49 ("tipc: add name table dump to new netlink api")
> Fixes: 1a1a143daf84 ("tipc: add publication dump to new netlink api")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> 
> [...]

Here is the summary with links:
  - [net] tipc: Fix end of loop tests for list_for_each_entry()
    https://git.kernel.org/netdev/net/c/a1f8fec4dac8

You are awesome, thank you!
Jon Maloy Feb. 24, 2022, 3:26 p.m. UTC | #2 
On 2/22/22 08:43, Dan Carpenter wrote:
> These tests are supposed to check if the loop exited via a break or not.
> However the tests are wrong because if we did not exit via a break then
> "p" is not a valid pointer.  In that case, it's the equivalent of
> "if (*(u32 *)sr == *last_key) {".  That's going to work most of the time,
> but there is a potential for those to be equal.
>
> Fixes: 1593123a6a49 ("tipc: add name table dump to new netlink api")
> Fixes: 1a1a143daf84 ("tipc: add publication dump to new netlink api")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> ---
>   net/tipc/name_table.c | 2 +-
>   net/tipc/socket.c     | 2 +-
>   2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/net/tipc/name_table.c b/net/tipc/name_table.c
> index 01396dd1c899..1d8ba233d047 100644
> --- a/net/tipc/name_table.c
> +++ b/net/tipc/name_table.c
> @@ -967,7 +967,7 @@ static int __tipc_nl_add_nametable_publ(struct tipc_nl_msg *msg,
>   		list_for_each_entry(p, &sr->all_publ, all_publ)
>   			if (p->key == *last_key)
>   				break;
> -		if (p->key != *last_key)
> +		if (list_entry_is_head(p, &sr->all_publ, all_publ))
>   			return -EPIPE;
>   	} else {
>   		p = list_first_entry(&sr->all_publ,
> diff --git a/net/tipc/socket.c b/net/tipc/socket.c
> index 3e63c83e641c..7545321c3440 100644
> --- a/net/tipc/socket.c
> +++ b/net/tipc/socket.c
> @@ -3749,7 +3749,7 @@ static int __tipc_nl_list_sk_publ(struct sk_buff *skb,
>   			if (p->key == *last_publ)
>   				break;
>   		}
> -		if (p->key != *last_publ) {
> +		if (list_entry_is_head(p, &tsk->publications, binding_sock)) {
>   			/* We never set seq or call nl_dump_check_consistent()
>   			 * this means that setting prev_seq here will cause the
>   			 * consistence check to fail in the netlink callback
Acked-by: Jon Maloy <jmaloy@redhat.com>
diff mbox series

Patch

diff --git a/net/tipc/name_table.c b/net/tipc/name_table.c
index 01396dd1c899..1d8ba233d047 100644
--- a/net/tipc/name_table.c
+++ b/net/tipc/name_table.c
@@ -967,7 +967,7 @@  static int __tipc_nl_add_nametable_publ(struct tipc_nl_msg *msg,
 		list_for_each_entry(p, &sr->all_publ, all_publ)
 			if (p->key == *last_key)
 				break;
-		if (p->key != *last_key)
+		if (list_entry_is_head(p, &sr->all_publ, all_publ))
 			return -EPIPE;
 	} else {
 		p = list_first_entry(&sr->all_publ,
diff --git a/net/tipc/socket.c b/net/tipc/socket.c
index 3e63c83e641c..7545321c3440 100644
--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -3749,7 +3749,7 @@  static int __tipc_nl_list_sk_publ(struct sk_buff *skb,
 			if (p->key == *last_publ)
 				break;
 		}
-		if (p->key != *last_publ) {
+		if (list_entry_is_head(p, &tsk->publications, binding_sock)) {
 			/* We never set seq or call nl_dump_check_consistent()
 			 * this means that setting prev_seq here will cause the
 			 * consistence check to fail in the netlink callback