| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Feb 2016 02:10:26 -0500 From: Michael Chan <michael.chan@...adcom.com> To: davem@...emloft.net Cc: netdev@...r.kernel.org Subject: [PATCH net] bnxt_en: Fix zero padding of tx push data. The arithmetic to zero pad the last 64-bit word in the push buffer is not correct. 1. It should be pdata + length to get to the end. 2. 'pdata' is void pointer and passing it to PTR_ALIGN() will cast the aligned pointer to void. Pass 'end' which is u64 pointer to PTR_ALIGN() instead so that the aligned pointer - 1 is the last 64-bit pointer to data. Signed-off-by: Michael Chan <michael.chan@...adcom.com> --- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/broadcom/bnxt/bnxt.c b/drivers/net/ethernet/broadcom/bnxt/bnxt.c index 8ab000d..82f1913 100644 --- a/drivers/net/ethernet/broadcom/bnxt/bnxt.c +++ b/drivers/net/ethernet/broadcom/bnxt/bnxt.c @@ -248,7 +248,8 @@ static netdev_tx_t bnxt_start_xmit(struct sk_buff *skb, struct net_device *dev) tx_push1->tx_bd_cfa_meta = cpu_to_le32(vlan_tag_flags); tx_push1->tx_bd_cfa_action = cpu_to_le32(cfa_action); - end = PTR_ALIGN(pdata + length + 1, 8) - 1; + end = pdata + length; + end = PTR_ALIGN(end, 8) - 1; *end = 0; skb_copy_from_linear_data(skb, pdata, len); -- 1.8.3.1
Powered by blists - more mailing lists