[Group.of.nepali.translators] [Bug 1745364] Re: x86/net/bpf: return statement missing value

2018-04-04 Thread Launchpad Bug Tracker
This bug was fixed in the package linux - 4.4.0-119.143

---
linux (4.4.0-119.143) xenial; urgency=medium

  * linux: 4.4.0-119.143 -proposed tracker (LP: #1760327)

  * Dell XPS 13 9360 bluetooth scan can not detect any device (LP: #1759821)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"

linux (4.4.0-118.142) xenial; urgency=medium

  * linux: 4.4.0-118.142 -proposed tracker (LP: #1759607)

  * Kernel panic with AWS 4.4.0-1053 / 4.4.0-1015 (Trusty) (LP: #1758869)
    - x86/microcode/AMD: Do not load when running on a hypervisor

  * CVE-2018-8043
    - net: phy: mdio-bcm-unimac: fix potential NULL dereference in
      unimac_mdio_probe()

linux (4.4.0-117.141) xenial; urgency=medium

  * linux: 4.4.0-117.141 -proposed tracker (LP: #1755208)

  * Xenial update to 4.4.114 stable release (LP: #1754592)
    - x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
    - usbip: prevent vhci_hcd driver from leaking a socket pointer address
    - usbip: Fix implicit fallthrough warning
    - usbip: Fix potential format overflow in userspace tools
    - x86/microcode/intel: Fix BDW late-loading revision check
    - x86/retpoline: Fill RSB on context switch for affected CPUs
    - sched/deadline: Use the revised wakeup rule for suspending constrained dl
      tasks
    - can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
    - can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
    - PM / sleep: declare __tracedata symbols as char[] rather than char
    - time: Avoid undefined behaviour in ktime_add_safe()
    - timers: Plug locking race vs. timer migration
    - Prevent timer value 0 for MWAITX
    - drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled
    - drivers: base: cacheinfo: fix boot error message when acpi is enabled
    - PCI: layerscape: Add "fsl,ls2085a-pcie" compatible ID
    - PCI: layerscape: Fix MSG TLP drop setting
    - mmc: sdhci-of-esdhc: add/remove some quirks according to vendor version
    - fs/select: add vmalloc fallback for select(2)
    - hwpoison, memcg: forcibly uncharge LRU pages
    - cma: fix calculation of aligned offset
    - mm, page_alloc: fix potential false positive in __zone_watermark_ok
    - ipc: msg, make msgrcv work with LONG_MIN
    - x86/ioapic: Fix incorrect pointers in ioapic_setup_resources()
    - ACPI / processor: Avoid reserving IO regions too early
    - ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
    - ACPICA: Namespace: fix operand cache leak
    - netfilter: x_tables: speed up jump target validation
    - netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed
      in 64bit kernel
    - netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
    - netfilter: nf_ct_expect: remove the redundant slash when policy name is
      empty
    - netfilter: nfnetlink_queue: reject verdict request from different portid
    - netfilter: restart search if moved to other chain
    - netfilter: nf_conntrack_sip: extend request line validation
    - netfilter: use fwmark_reflect in nf_send_reset
    - ext2: Don't clear SGID when inheriting ACLs
    - reiserfs: fix race in prealloc discard
    - reiserfs: don't preallocate blocks for extended attributes
    - reiserfs: Don't clear SGID when inheriting ACLs
    - fs/fcntl: f_setown, avoid undefined behaviour
    - scsi: libiscsi: fix shifting of DID_REQUEUE host byte
    - Input: trackpoint - force 3 buttons if 0 button is reported
    - usb: usbip: Fix possible deadlocks reported by lockdep
    - usbip: fix stub_rx: get_pipe() to validate endpoint number
    - usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
    - usbip: prevent leaking socket pointer address in messages
    - um: link vmlinux with -no-pie
    - vsyscall: Fix permissions for emulate mode with KAISER/PTI
    - eventpoll.h: add missing epoll event masks
    - x86/microcode/intel: Extend BDW late-loading further with LLC size check
    - hrtimer: Reset hrtimer cpu base proper on CPU hotplug
    - dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
    - ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL
    - ipv6: fix udpv6 sendmsg crash caused by too small MTU
    - ipv6: ip6_make_skb() needs to clear cork.base.dst
    - lan78xx: Fix failure in USB Full Speed
    - net: igmp: fix source address check for IGMPv3 reports
    - tcp: __tcp_hdrlen() helper
    - net: qdisc_pkt_len_init() should be more robust
    - pppoe: take ->needed_headroom of lower device into account on xmit
    - r8169: fix memory corruption on retrieval of hardware statistics.
    - sctp: do not allow the v4 socket to bind a v4mapped v6 address
    - sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
    - vmxnet3: repair memory leak
    - net: Allow neigh contructor functions ability to modify the primary_key
    - ipv4: Make neigh lookup keys for loopback/point-to-point devices be
      INADDR_ANY
   

[Group.of.nepali.translators] [Bug 1745364] Re: x86/net/bpf: return statement missing value

2018-01-25 Thread Joseph Salisbury
** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: linux (Ubuntu Xenial)
   Status: New => Triaged

** Changed in: linux (Ubuntu)
   Status: Confirmed => Triaged

** Changed in: linux (Ubuntu Xenial)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1745364

Title:
  x86/net/bpf: return statement missing value

Status in linux package in Ubuntu:
  Triaged
Status in linux source package in Xenial:
  Triaged

Bug description:
  SRU Justification
  =================

  Coverity reports:

  *** CID 1464330:  Uninitialized variables  (MISSING_RETURN)
  /arch/x86/net/bpf_jit_comp.c: 1088 in bpf_int_jit_compile()
  1082            int i;
  1083
  1084            if (!bpf_jit_enable)
  1085                    return prog;
  1086
  1087            if (!prog || !prog->len)
  >>> CID 1464330:  Uninitialized variables  (MISSING_RETURN)
  >>> Arriving at the end of a function without returning a value.
  1088                    return;
  1089
  1090            addrs = kmalloc(prog->len * sizeof(*addrs), GFP_KERNEL);
  1091            if (!addrs)
  1092                    return prog;
  1093

  This is a result of 3098d8eae421 ("bpf: prepare
  bpf_int_jit_compile/bpf_prog_select_runtime apis"), which is a cherry-
  pick of d1c55ab5e41f upstream. In that patch, the return type of
  bpf_int_jit_compile was changed from void to struct bpf_prog*. That
  patch changed some of the return statements.

  It did not, however, change the return statement of the (!prog ||
  !prog->len) check, as in upstream the (!prog || !prog->len) check was
  dropped in 93a73d442d37 ("bpf, x86/arm64: remove useless checks on
  prog"):

  """
  There is never such a situation, where bpf_int_jit_compile() is
  called with either prog as NULL or len as 0, so the tests are
  unnecessary and confusing as people would just copy them.
  """

  However, we haven't picked up 93a73d442d37, so when we cherry-picked
  d1c55ab5e41f, that branch remained unmodified, hence the static
  analysis warning.

  Impact
  ======

  If the branch is not dead and someone can hit it, an undefined value
  can be returned, which could cause issues.

  Fix
  ===

  For consistency and in case the branch is not actually dead on Xenial,
  we should do a fixup to 'return prog;'

  Regression Potential
  ====================

  Limited to the BPF jit which is off by default.
  Limited to a branch that should be dead code anyway.
  Limited to an error handling path.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1745364/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp
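
The contract at stake in the bug report above, as an added example that is not part of the original report or the kernel source: a userspace model of the fixed-up function and of a caller that keeps using the returned pointer. The names jit_compile_model and select_runtime_model, the trimmed struct bpf_prog and the use of calloc in place of kmalloc are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdlib.h>

/* Trimmed stand-in for the kernel's struct bpf_prog (assumption: only
 * the two fields this model needs). */
struct bpf_prog {
    unsigned int len;   /* number of instructions */
    int jited;          /* set once a native image exists */
};

static int bpf_jit_enable = 1;

/* Model of bpf_int_jit_compile() after its return type changed from
 * void to struct bpf_prog *: every exit path must hand a pointer back. */
struct bpf_prog *jit_compile_model(struct bpf_prog *prog)
{
    int *addrs;

    if (!bpf_jit_enable)
        return prog;

    if (!prog || !prog->len)
        return prog;    /* the fixup; the backport left a bare "return;" */

    addrs = calloc(prog->len, sizeof(*addrs));
    if (!addrs)
        return prog;

    prog->jited = 1;    /* stands in for the real code generation */
    free(addrs);
    return prog;
}

/* Caller in the style of bpf_prog_select_runtime(): it replaces its own
 * pointer with whatever the JIT returns, so an exit path that returns no
 * value would leave fp indeterminate for everything that follows. */
struct bpf_prog *select_runtime_model(struct bpf_prog *fp)
{
    fp = jit_compile_model(fp);
    return fp;
}
```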