Static analysis reports that write_pfn_sb() neglects to check the return value from uuid_parse as is done elsewhere. Since the uuid being parsed comes from the user, check for failure, and return an EINVAL if so.
Cc: Dan Williams <[email protected]> Signed-off-by: Vishal Verma <[email protected]> --- ndctl/namespace.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/ndctl/namespace.c b/ndctl/namespace.c index 722f13a..aa8c23a 100644 --- a/ndctl/namespace.c +++ b/ndctl/namespace.c @@ -1869,15 +1869,19 @@ static int write_pfn_sb(int fd, unsigned long long size, const char *sig, npfns = PHYS_PFN(size - SZ_8K); pfn_align = parse_size64(param.align); align = max(pfn_align, SUBSECTION_SIZE); - if (param.uuid) - uuid_parse(param.uuid, uuid); - else + if (param.uuid) { + if (uuid_parse(param.uuid, uuid)) + return -EINVAL; + } else { uuid_generate(uuid); + } - if (param.parent_uuid) - uuid_parse(param.parent_uuid, parent_uuid); - else + if (param.parent_uuid) { + if (uuid_parse(param.parent_uuid, parent_uuid)) + return -EINVAL; + } else { memset(parent_uuid, 0, sizeof(uuid_t)); + } if (strcmp(param.map, "dev") == 0) mode = PFN_MODE_PMEM; --- base-commit: 26d9ce3351361631677e2cae933e3641540fa807 change-id: 20230502-vv-coverity-d3a9dc40abd6 Best regards, -- Vishal Verma <[email protected]>
