| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Jul 2015 09:17:23 +0000 From: David Binderman <dcb314@...mail.com> To: Rasesh Mody <rasesh.mody@...gic.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: linux-4.2-rc2/drivers/net/ethernet/brocade/bna/bfa_ioc.c:2843: out of bounds string access ? Hello there, [linux-4.2-rc2/drivers/net/ethernet/brocade/bna/bfa_ioc.c:2843]: (error) Buffer is accessed out of bounds. Source code is memcpy(manufacturer, BFA_MFG_NAME, BFA_ADAPTER_MFG_NAME_LEN); and #define BFA_MFG_NAME "QLogic" and $ fgrep BFA_ADAPTER_MFG_NAME_LEN `find linux-4.2-rc2/drivers/net/ethernet/brocade/ -name \*.h -print` linux-4.2-rc2/drivers/net/ethernet/brocade/bna/bfa_defs.h: BFA_ADAPTER_MFG_NAME_LEN = 8, /*!< manufacturer name length */ $ so the code attempts to read eight bytes from a seven byte string. Suggest code rework. Regards David Binderman -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists