Home Explore Help
Sign In
GfA
/
linux_kernel
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

staging: r8188eu: Fix Smatch warnings

Smatch reports the following:

core/rtw_ieee80211.c:489 rtw_get_wpa_cipher_suite() warn: add some parenthesis here?
core/rtw_ieee80211.c:491 rtw_get_wpa_cipher_suite() warn: add some parenthesis here?
core/rtw_ieee80211.c:493 rtw_get_wpa_cipher_suite() warn: add some parenthesis here?
core/rtw_ieee80211.c:495 rtw_get_wpa_cipher_suite() warn: add some parenthesis here?
core/rtw_ieee80211.c:497 rtw_get_wpa_cipher_suite() warn: add some parenthesis here?
core/rtw_ieee80211.c:505 rtw_get_wpa2_cipher_suite() warn: add some parenthesis here?
core/rtw_ieee80211.c:507 rtw_get_wpa2_cipher_suite() warn: add some parenthesis here?
core/rtw_ieee80211.c:509 rtw_get_wpa2_cipher_suite() warn: add some parenthesis here?
core/rtw_ieee80211.c:511 rtw_get_wpa2_cipher_suite() warn: add some parenthesis here?
core/rtw_ieee80211.c:513 rtw_get_wpa2_cipher_suite() warn: add some parenthesis here?
core/rtw_ieee80211.c:534 rtw_parse_wpa_ie() warn: add some parenthesis here?
core/rtw_ieee80211.c:579 rtw_parse_wpa_ie() warn: add some parenthesis here?
core/rtw_ieee80211.c:649 rtw_parse_wpa2_ie() warn: add some parenthesis here?
core/rtw_ieee80211.c:803 rtw_get_wps_attr() warn: add some parenthesis here?
core/rtw_ieee80211.c:1213 rtw_get_p2p_ie() warn: add some parenthesis here?
core/rtw_ieee80211.c:1248 rtw_get_p2p_attr() warn: add some parenthesis here?
core/rtw_mlme.c:258 _rtw_find_network() warn: add some parenthesis here?
core/rtw_mlme.c:1581 rtw_check_join_candidate() warn: this array is probably non-NULL. 'pmlmepriv->assoc_ssid.Ssid'
core/rtw_mlme.c:1843 SecIsInPMKIDList() warn: add some parenthesis here?
core/rtw_mlme_ext.c:4189 on_action_public_vendor() warn: add some parenthesis here?
core/rtw_recv.c:1157 validate_recv_mgnt_frame() warn: add some parenthesis here?
core/rtw_xmit.c:671 xmitframe_addmic() warn: add some parenthesis here?
hal/rtl8188e_mp.c:206 Hal_MPT_CCKTxPowerAdjustbyIndex() error: buffer overflow 'CCKSwingTable_Ch1_Ch13' 33 <= 255
hal/rtl8188e_mp.c:215 Hal_MPT_CCKTxPowerAdjustbyIndex() error: buffer overflow 'CCKSwingTable_Ch14' 33 <= 255

Not listed here is one remaining buffer overflow message that I believe to be an error in Smatch.

These warnings were reported by Dan Carpenter.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Larry Finger 11 years ago
parent
e40068a63c
commit
05c9bc1f36
6 changed files with 25 additions and 22 deletions
Unified View Show Diff Stats
  1. 16 16
      drivers/staging/rtl8188eu/core/rtw_ieee80211.c
  2. 3 3
      drivers/staging/rtl8188eu/core/rtw_mlme.c
  3. 1 1
      drivers/staging/rtl8188eu/core/rtw_mlme_ext.c
  4. 2 1
      drivers/staging/rtl8188eu/core/rtw_recv.c
  5. 1 1
      drivers/staging/rtl8188eu/core/rtw_xmit.c
  6. 2 0
      drivers/staging/rtl8188eu/hal/rtl8188e_mp.c

+ 16 - 16
drivers/staging/rtl8188eu/core/rtw_ieee80211.c
View File 

@@ -486,15 +486,15 @@ unsigned char *rtw_get_wpa2_ie(unsigned char *pie, int *rsn_ie_len, int limit)
 
 
 
 int rtw_get_wpa_cipher_suite(u8 *s)
 
 int rtw_get_wpa_cipher_suite(u8 *s)
 
 {
 
 {
 
-	if (!memcmp(s, WPA_CIPHER_SUITE_NONE, WPA_SELECTOR_LEN) == true)
 
+	if (!memcmp(s, WPA_CIPHER_SUITE_NONE, WPA_SELECTOR_LEN))
 
 		return WPA_CIPHER_NONE;
 
 		return WPA_CIPHER_NONE;
 
-	if (!memcmp(s, WPA_CIPHER_SUITE_WEP40, WPA_SELECTOR_LEN) == true)
 
+	if (!memcmp(s, WPA_CIPHER_SUITE_WEP40, WPA_SELECTOR_LEN))
 
 		return WPA_CIPHER_WEP40;
 
 		return WPA_CIPHER_WEP40;
 
-	if (!memcmp(s, WPA_CIPHER_SUITE_TKIP, WPA_SELECTOR_LEN) == true)
 
+	if (!memcmp(s, WPA_CIPHER_SUITE_TKIP, WPA_SELECTOR_LEN))
 
 		return WPA_CIPHER_TKIP;
 
 		return WPA_CIPHER_TKIP;
 
-	if (!memcmp(s, WPA_CIPHER_SUITE_CCMP, WPA_SELECTOR_LEN) == true)
 
+	if (!memcmp(s, WPA_CIPHER_SUITE_CCMP, WPA_SELECTOR_LEN))
 
 		return WPA_CIPHER_CCMP;
 
 		return WPA_CIPHER_CCMP;
 
-	if (!memcmp(s, WPA_CIPHER_SUITE_WEP104, WPA_SELECTOR_LEN) == true)
 
+	if (!memcmp(s, WPA_CIPHER_SUITE_WEP104, WPA_SELECTOR_LEN))
 
 		return WPA_CIPHER_WEP104;
 
 		return WPA_CIPHER_WEP104;
 
 
 
 	return 0;
 
 	return 0;
 
@@ -502,15 +502,15 @@ int rtw_get_wpa_cipher_suite(u8 *s)
 
 
 
 int rtw_get_wpa2_cipher_suite(u8 *s)
 
 int rtw_get_wpa2_cipher_suite(u8 *s)
 
 {
 
 {
 
-	if (!memcmp(s, RSN_CIPHER_SUITE_NONE, RSN_SELECTOR_LEN) == true)
 
+	if (!memcmp(s, RSN_CIPHER_SUITE_NONE, RSN_SELECTOR_LEN))
 
 		return WPA_CIPHER_NONE;
 
 		return WPA_CIPHER_NONE;
 
-	if (!memcmp(s, RSN_CIPHER_SUITE_WEP40, RSN_SELECTOR_LEN) == true)
 
+	if (!memcmp(s, RSN_CIPHER_SUITE_WEP40, RSN_SELECTOR_LEN))
 
 		return WPA_CIPHER_WEP40;
 
 		return WPA_CIPHER_WEP40;
 
-	if (!memcmp(s, RSN_CIPHER_SUITE_TKIP, RSN_SELECTOR_LEN) == true)
 
+	if (!memcmp(s, RSN_CIPHER_SUITE_TKIP, RSN_SELECTOR_LEN))
 
 		return WPA_CIPHER_TKIP;
 
 		return WPA_CIPHER_TKIP;
 
-	if (!memcmp(s, RSN_CIPHER_SUITE_CCMP, RSN_SELECTOR_LEN) == true)
 
+	if (!memcmp(s, RSN_CIPHER_SUITE_CCMP, RSN_SELECTOR_LEN))
 
 		return WPA_CIPHER_CCMP;
 
 		return WPA_CIPHER_CCMP;
 
-	if (!memcmp(s, RSN_CIPHER_SUITE_WEP104, RSN_SELECTOR_LEN) == true)
 
+	if (!memcmp(s, RSN_CIPHER_SUITE_WEP104, RSN_SELECTOR_LEN))
 
 		return WPA_CIPHER_WEP104;
 
 		return WPA_CIPHER_WEP104;
 
 
 
 	return 0;
 
 	return 0;
 
@@ -531,7 +531,7 @@ int rtw_parse_wpa_ie(u8 *wpa_ie, int wpa_ie_len, int *group_cipher, int *pairwis
 
 
 
 
 
 	if ((*wpa_ie != _WPA_IE_ID_) || (*(wpa_ie+1) != (u8)(wpa_ie_len - 2)) ||
 
 	if ((*wpa_ie != _WPA_IE_ID_) || (*(wpa_ie+1) != (u8)(wpa_ie_len - 2)) ||
 
-	    (!memcmp(wpa_ie+2, RTW_WPA_OUI_TYPE, WPA_SELECTOR_LEN) != true))
 
+	    (memcmp(wpa_ie+2, RTW_WPA_OUI_TYPE, WPA_SELECTOR_LEN)))
 
 		return _FAIL;
 
 		return _FAIL;
 
 
 
 	pos = wpa_ie;
 
 	pos = wpa_ie;
 
@@ -576,7 +576,7 @@ int rtw_parse_wpa_ie(u8 *wpa_ie, int wpa_ie_len, int *group_cipher, int *pairwis
 
 	if (is_8021x) {
 
 	if (is_8021x) {
 
 		if (left >= 6) {
 
 		if (left >= 6) {
 
 			pos += 2;
 
 			pos += 2;
 
-			if (!memcmp(pos, SUITE_1X, 4) == 1) {
 
+			if (!memcmp(pos, SUITE_1X, 4)) {
 
 				RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_, ("%s : there has 802.1x auth\n", __func__));
 
 				RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_, ("%s : there has 802.1x auth\n", __func__));
 
 				*is_8021x = 1;
 
 				*is_8021x = 1;
 
 			}
 
 			}
 
@@ -646,7 +646,7 @@ int rtw_parse_wpa2_ie(u8 *rsn_ie, int rsn_ie_len, int *group_cipher, int *pairwi
 
 	if (is_8021x) {
 
 	if (is_8021x) {
 
 		if (left >= 6) {
 
 		if (left >= 6) {
 
 			pos += 2;
 
 			pos += 2;
 
-			if (!memcmp(pos, SUITE_1X, 4) == 1) {
 
+			if (!memcmp(pos, SUITE_1X, 4)) {
 
 				RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_, ("%s (): there has 802.1x auth\n", __func__));
 
 				RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_, ("%s (): there has 802.1x auth\n", __func__));
 
 				*is_8021x = 1;
 
 				*is_8021x = 1;
 
 			}
 
 			}
 
@@ -800,7 +800,7 @@ u8 *rtw_get_wps_attr(u8 *wps_ie, uint wps_ielen, u16 target_attr_id , u8 *buf_at
 
 		*len_attr = 0;
 
 		*len_attr = 0;
 
 
 
 	if ((wps_ie[0] != _VENDOR_SPECIFIC_IE_) ||
 
 	if ((wps_ie[0] != _VENDOR_SPECIFIC_IE_) ||
 
-	    (!memcmp(wps_ie + 2, wps_oui , 4) != true))
 
+	    (memcmp(wps_ie + 2, wps_oui , 4)))
 
 		return attr_ptr;
 
 		return attr_ptr;
 
 
 
 	/*  6 = 1(Element ID) + 1(Length) + 4(WPS OUI) */
 
 	/*  6 = 1(Element ID) + 1(Length) + 4(WPS OUI) */
 
@@ -1210,7 +1210,7 @@ u8 *rtw_get_p2p_ie(u8 *in_ie, int in_len, u8 *p2p_ie, uint *p2p_ielen)
 
 			dump_stack();
 
 			dump_stack();
 
 			return NULL;
 
 			return NULL;
 
 		}
 
 		}
 
-		if ((eid == _VENDOR_SPECIFIC_IE_) && (!memcmp(&in_ie[cnt+2], p2p_oui, 4) == true)) {
 
+		if ((eid == _VENDOR_SPECIFIC_IE_) && (!memcmp(&in_ie[cnt+2], p2p_oui, 4))) {
 
 			p2p_ie_ptr = in_ie + cnt;
 
 			p2p_ie_ptr = in_ie + cnt;
 
 
 
 			if (p2p_ie != NULL)
 
 			if (p2p_ie != NULL)
 
@@ -1245,7 +1245,7 @@ u8 *rtw_get_p2p_attr(u8 *p2p_ie, uint p2p_ielen, u8 target_attr_id , u8 *buf_att
 
 		*len_attr = 0;
 
 		*len_attr = 0;
 
 
 
 	if (!p2p_ie || (p2p_ie[0] != _VENDOR_SPECIFIC_IE_) ||
 
 	if (!p2p_ie || (p2p_ie[0] != _VENDOR_SPECIFIC_IE_) ||
 
-	    (!memcmp(p2p_ie + 2, p2p_oui , 4) != true))
 
+	    (memcmp(p2p_ie + 2, p2p_oui , 4)))
 
 		return attr_ptr;
 
 		return attr_ptr;
 
 
 
 	/*  6 = 1(Element ID) + 1(Length) + 3 (OUI) + 1(OUI Type) */
 
 	/*  6 = 1(Element ID) + 1(Length) + 3 (OUI) + 1(OUI Type) */

+ 3 - 3
drivers/staging/rtl8188eu/core/rtw_mlme.c
View File 

@@ -255,7 +255,7 @@ struct wlan_network *_rtw_find_network(struct __queue *scanned_queue, u8 *addr)
 
 
 
 	while (plist != phead) {
 
 	while (plist != phead) {
 
 		pnetwork = container_of(plist, struct wlan_network , list);
 
 		pnetwork = container_of(plist, struct wlan_network , list);
 
-		if (!memcmp(addr, pnetwork->network.MacAddress, ETH_ALEN) == true)
 
+		if (!memcmp(addr, pnetwork->network.MacAddress, ETH_ALEN))
 
 			break;
 
 			break;
 
 		plist = plist->next;
 
 		plist = plist->next;
 
 	}
 
 	}
 
@@ -1578,7 +1578,7 @@ static int rtw_check_join_candidate(struct mlme_priv *pmlmepriv
 
 	}
 
 	}
 
 
 
 	/* check ssid, if needed */
 
 	/* check ssid, if needed */
 
-	if (pmlmepriv->assoc_ssid.Ssid && pmlmepriv->assoc_ssid.SsidLength) {
 
+	if (pmlmepriv->assoc_ssid.SsidLength) {
 
 		if (competitor->network.Ssid.SsidLength != pmlmepriv->assoc_ssid.SsidLength ||
 
 		if (competitor->network.Ssid.SsidLength != pmlmepriv->assoc_ssid.SsidLength ||
 
 		    !memcmp(competitor->network.Ssid.Ssid, pmlmepriv->assoc_ssid.Ssid, pmlmepriv->assoc_ssid.SsidLength) == false)
 
 		    !memcmp(competitor->network.Ssid.Ssid, pmlmepriv->assoc_ssid.Ssid, pmlmepriv->assoc_ssid.SsidLength) == false)
 
 			goto exit;
 
 			goto exit;
 
@@ -1840,7 +1840,7 @@ static int SecIsInPMKIDList(struct adapter *Adapter, u8 *bssid)
 
 
 
 	do {
 
 	do {
 
 		if ((psecuritypriv->PMKIDList[i].bUsed) &&
 
 		if ((psecuritypriv->PMKIDList[i].bUsed) &&
 
-		    (!memcmp(psecuritypriv->PMKIDList[i].Bssid, bssid, ETH_ALEN) == true)) {
 
+		    (!memcmp(psecuritypriv->PMKIDList[i].Bssid, bssid, ETH_ALEN))) {
 
 			break;
 
 			break;
 
 		} else {
 
 		} else {
 
 			i++;
 
 			i++;

+ 1 - 1
drivers/staging/rtl8188eu/core/rtw_mlme_ext.c
View File 

@@ -4186,7 +4186,7 @@ static unsigned int on_action_public_vendor(union recv_frame *precv_frame)
 
 	u8 *pframe = precv_frame->u.hdr.rx_data;
 
 	u8 *pframe = precv_frame->u.hdr.rx_data;
 
 	u8 *frame_body = pframe + sizeof(struct rtw_ieee80211_hdr_3addr);
 
 	u8 *frame_body = pframe + sizeof(struct rtw_ieee80211_hdr_3addr);
 
 
 
-	if (!memcmp(frame_body + 2, P2P_OUI, 4) == true)
 
+	if (!memcmp(frame_body + 2, P2P_OUI, 4))
 
 		ret = on_action_public_p2p(precv_frame);
 
 		ret = on_action_public_p2p(precv_frame);
 
 
 
 	return ret;
 
 	return ret;

+ 2 - 1
drivers/staging/rtl8188eu/core/rtw_recv.c
View File 

@@ -1153,7 +1153,8 @@ static int validate_recv_mgnt_frame(struct adapter *padapter,
 
 		} else if (GetFrameSubType(precv_frame->u.hdr.rx_data) == WIFI_PROBEREQ) {
 
 		} else if (GetFrameSubType(precv_frame->u.hdr.rx_data) == WIFI_PROBEREQ) {
 
 			psta->sta_stats.rx_probereq_pkts++;
 
 			psta->sta_stats.rx_probereq_pkts++;
 
 		} else if (GetFrameSubType(precv_frame->u.hdr.rx_data) == WIFI_PROBERSP) {
 
 		} else if (GetFrameSubType(precv_frame->u.hdr.rx_data) == WIFI_PROBERSP) {
 
-			if (!memcmp(padapter->eeprompriv.mac_addr, GetAddr1Ptr(precv_frame->u.hdr.rx_data), ETH_ALEN) == true)
 
+			if (!memcmp(padapter->eeprompriv.mac_addr,
 
+				    GetAddr1Ptr(precv_frame->u.hdr.rx_data), ETH_ALEN))
 
 				psta->sta_stats.rx_probersp_pkts++;
 
 				psta->sta_stats.rx_probersp_pkts++;
 
 			else if (is_broadcast_mac_addr(GetAddr1Ptr(precv_frame->u.hdr.rx_data)) ||
 
 			else if (is_broadcast_mac_addr(GetAddr1Ptr(precv_frame->u.hdr.rx_data)) ||
 
 				 is_multicast_mac_addr(GetAddr1Ptr(precv_frame->u.hdr.rx_data)))
 
 				 is_multicast_mac_addr(GetAddr1Ptr(precv_frame->u.hdr.rx_data)))

+ 1 - 1
drivers/staging/rtl8188eu/core/rtw_xmit.c
View File 

@@ -667,7 +667,7 @@ static s32 xmitframe_addmic(struct adapter *padapter, struct xmit_frame *pxmitfr
 
 				/* start to calculate the mic code */
 
 				/* start to calculate the mic code */
 
 				rtw_secmicsetkey(&micdata, psecuritypriv->dot118021XGrptxmickey[psecuritypriv->dot118021XGrpKeyid].skey);
 
 				rtw_secmicsetkey(&micdata, psecuritypriv->dot118021XGrptxmickey[psecuritypriv->dot118021XGrpKeyid].skey);
 
 			} else {
 
 			} else {
 
-				if (!memcmp(&stainfo->dot11tkiptxmickey.skey[0], null_key, 16) == true) {
 
+				if (!memcmp(&stainfo->dot11tkiptxmickey.skey[0], null_key, 16)) {
 
 					/* DbgPrint("\nxmitframe_addmic:stainfo->dot11tkiptxmickey == 0\n"); */
 
 					/* DbgPrint("\nxmitframe_addmic:stainfo->dot11tkiptxmickey == 0\n"); */
 
 					/* msleep(10); */
 
 					/* msleep(10); */
 
 					return _FAIL;
 
 					return _FAIL;

+ 2 - 0
drivers/staging/rtl8188eu/hal/rtl8188e_mp.c
View File 

@@ -201,6 +201,8 @@ void Hal_MPT_CCKTxPowerAdjustbyIndex(struct adapter *pAdapter, bool beven)
 
 		else
 
 		else
 
 			CCK_index = CCK_index_old + 1;
 
 			CCK_index = CCK_index_old + 1;
 
 
 
+		if (CCK_index > 32)
 
+			CCK_index = 32;
 
 		/* Adjust CCK according to gain index */
 
 		/* Adjust CCK according to gain index */
 
 		if (!pDM_Odm->RFCalibrateInfo.bCCKinCH14) {
 
 		if (!pDM_Odm->RFCalibrateInfo.bCCKinCH14) {
 
 			rtw_write8(pAdapter, 0xa22, CCKSwingTable_Ch1_Ch13[CCK_index][0]);
 
 			rtw_write8(pAdapter, 0xa22, CCKSwingTable_Ch1_Ch13[CCK_index][0]);