| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 Feb 2018 16:55:35 +0100
From: Andrew Lunn <andrew@...n.ch>
To: Richard Cochran <richardcochran@...il.com>
Cc: "Gustavo A. R. Silva" <garsilva@...eddedor.com>,
Brandon Streiff <brandon.streiff@...com>,
Vivien Didelot <vivien.didelot@...oirfairelinux.com>,
Florian Fainelli <f.fainelli@...il.com>,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] net: dsa: mv88e6xxx: hwtstamp: fix potential negative
array index read
On Fri, Feb 16, 2018 at 07:48:46AM -0800, Richard Cochran wrote:
> On Thu, Feb 15, 2018 at 12:31:39PM -0600, Gustavo A. R. Silva wrote:
> > _port_ is being used as index to array port_hwtstamp before verifying
> > it is a non-negative number and a valid index at line 209 and 258:
> >
> > if (port < 0 || port >= mv88e6xxx_num_ports(chip))
> >
> > Fix this by checking _port_ before using it as index to array
> > port_hwtstamp.
>
> NAK. Port is already known to be valid in the callers.
Then we should take out the check. It is probably this check which is
causing the false positives.
Andrew
Powered by blists - more mailing lists