smatch stuff: Staging: usbip: checking after it's too late in vhci_hub_control()
Dan Carpenter
dan.carpenter at oracle.com
Mon Feb 13 14:19:29 UTC 2012
Smatch complains that we check the array offset, after we already use
it.
drivers/staging/usbip/vhci_hcd.c:442 vhci_hub_control(181) error:
testing array offset 'rhport' after use.
drivers/staging/usbip/vhci_hcd.c
280 if (wIndex > VHCI_NPORTS)
281 pr_err("invalid port number %d\n", wIndex);
282 rhport = ((__u8)(wIndex & 0x00ff)) - 1;
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If wIndex is zero here then rhport is -1.
[snip]
301 if (dum->port_status[rhport] & USB_PORT_STAT_SUSPEND) {
^^^^^^^^^^^^^^^^^^^
rhport used as index here and throughout.
[snip]
348 if (wIndex > VHCI_NPORTS || wIndex < 1) {
^^^^^^^^^^
If wIndex is zero then rhport is -1, so this check is too late.
349 pr_err("invalid port number %d\n", wIndex);
350 retval = -EPIPE;
351 }
[snip]
442 if (rhport >= 0) {
^^^^^^^^^^^
checked for being -1 here, but it's too late.
443 dump_port_status_diff(prev_port_status[rhport],
444 dum->port_status[rhport]);
regards,
dan carpenter
More information about the devel
mailing list