Re: New Defects reported by Coverity Scan for linux-next weekly scan

Fri, 09 Apr 2021 07:04:55 -0700 

On Thu, 2021-04-08 at 17:13 +0000, scan-ad...@coverity.com wrote:
> ** CID 1503714:    (DEADCODE)
> /drivers/staging/rtl8723bs/os_dep/ioctl_linux.c: 367 in wpa_set_auth_algs()
> /drivers/staging/rtl8723bs/os_dep/ioctl_linux.c: 357 in wpa_set_auth_algs()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 1503714:    (DEADCODE)
> /drivers/staging/rtl8723bs/os_dep/ioctl_linux.c: 367 in wpa_set_auth_algs()
> 361                   padapter->securitypriv.ndisencryptstatus = 
> Ndis802_11Encryption1Enabled;
> 362     
> 363                   padapter->securitypriv.ndisauthtype = 
> Ndis802_11AuthModeShared;
> 364                   padapter->securitypriv.dot11AuthAlgrthm = 
> dot11AuthAlgrthm_Shared;
> 365           } else if (value & WLAN_AUTH_OPEN) {
> 366                   /* padapter->securitypriv.ndisencryptstatus = 
> Ndis802_11EncryptionDisabled; */
> > > >     CID 1503714:    (DEADCODE)
> > > >     Execution cannot reach this statement: "if 
> > > > (padapter->securitypriv....".
> 367                   if (padapter->securitypriv.ndisauthtype < 
> Ndis802_11AuthModeWPAPSK) {
> 368                           padapter->securitypriv.ndisauthtype = 
> Ndis802_11AuthModeOpen;
> 369                           padapter->securitypriv.dot11AuthAlgrthm = 
> dot11AuthAlgrthm_Open;
> 370                   }
> 371           } else {
> 372                   ret = -EINVAL;
> /drivers/staging/rtl8723bs/os_dep/ioctl_linux.c: 357 in wpa_set_auth_algs()
> 351     static int wpa_set_auth_algs(struct net_device *dev, u32 value)
> 352     {
> 353           struct adapter *padapter = rtw_netdev_priv(dev);
> 354           int ret = 0;
> 355     
> 356           if ((value & WLAN_AUTH_SHARED_KEY) && (value & WLAN_AUTH_OPEN)) 
> {

The value of WLAN_AUTH_OPEN macro is 0 and it is being treated as if
is a bit number. Two conditions in this function never execute. It
seems like a crucial bug. Anyone looking into it?

> > > >     CID 1503714:    (DEADCODE)
> > > >     Execution cannot reach this statement: 
> > > > "padapter->securitypriv.ndis...".
> 357                   padapter->securitypriv.ndisencryptstatus = 
> Ndis802_11Encryption1Enabled;
> 358                   padapter->securitypriv.ndisauthtype = 
> Ndis802_11AuthModeAutoSwitch;
> 359                   padapter->securitypriv.dot11AuthAlgrthm = 
> dot11AuthAlgrthm_Auto;
> 360           } else if (value & WLAN_AUTH_SHARED_KEY)        {
> 361                   padapter->securitypriv.ndisencryptstatus = 
> Ndis802_11Encryption1Enabled;
> 362     
> 
> ** CID 1487894:  Null pointer dereferences  (FORWARD_NULL)
> /net/ipv6/route.c: 5209 in ip6_route_multipath_add()

Reply via email to