lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:	Tue, 2 Apr 2013 09:36:41 +0300
From:	Dan Carpenter <dan.carpenter@...cle.com>
To:	yoshfuji@...ux-ipv6.org
Cc:	linux1394-devel@...ts.sourceforge.net, netdev@...r.kernel.org,
	kbuild@...org
Subject: re: firewire net, ipv4 arp: Extend hardware address and remove
 driver-level packet inspection.

Hello YOSHIFUJI Hideaki / 吉藤英明,

The patch 6752c8db8e0c: "firewire net, ipv4 arp: Extend hardware 
address and remove driver-level packet inspection." from Mar 25, 
2013, leads to the following warning:
"drivers/firewire/net.c:278 fwnet_header_parse()
	 error: memcpy() 'haddr' too small (8 vs 16)"

drivers/firewire/net.c
   276  static int fwnet_header_parse(const struct sk_buff *skb, unsigned char *haddr)
   277  {
   278          memcpy(haddr, skb->dev->dev_addr, FWNET_ALEN);
                                                  ^^^^^^^^^^
We bumped this to 16 bytes and made the fwnet_header and fwnet_hwaddr
structs bigger.  But according to Smatch this is still an 8 byte buffer
here.  Either phw.hw_addr or sll->sll_addr.

The call tree would be:
-> packet_rcv()
   -> dev_parse_header()
      -> fwnet_header_parse()

   279  
   280          return FWNET_ALEN;
   281  }
   282  

regards,
dan carpenter

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists