From c97dbd346144369d238bbe165c0997896ee2a0bf Mon Sep 17 00:00:00 2001
From: Zdenek Styblik <stybla@turnovfree.net>
Date: Tue, 30 Dec 2014 15:33:05 +0100
Subject: [PATCH] Fix eval logic in ipmi_user_priv()

Commit fixes bug in eval logic of user input sanitization, resp. && -> ||. Also,
priv_level and user_id variables are initialized to 0 now(CID#1261318).
---
 lib/ipmi_user.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/ipmi_user.c b/lib/ipmi_user.c
index edc1f86..140b19b 100644
--- a/lib/ipmi_user.c
+++ b/lib/ipmi_user.c
@@ -629,9 +629,9 @@ ipmi_user_test(struct ipmi_intf *intf, int argc, char **argv)
 int
 ipmi_user_priv(struct ipmi_intf *intf, int argc, char **argv)
 {
-	uint8_t user_id;
-	uint8_t priv_level;
 	uint8_t channel = 0x0e; /* Use channel running on */
+	uint8_t priv_level = 0;
+	uint8_t user_id = 0;
 
 	if (argc != 3 && argc != 4) {
 		print_user_usage();
@@ -644,7 +644,7 @@ ipmi_user_priv(struct ipmi_intf *intf, int argc, char **argv)
 		channel = (channel & 0x0f);
 	}
 	if (is_ipmi_user_priv_limit(argv[2], &priv_level) != 0
-			&& is_ipmi_user_id(argv[1], &user_id)) {
+			|| is_ipmi_user_id(argv[1], &user_id) != 0) {
 		return (-1);
 	}
 	priv_level = (priv_level & 0x0f);