| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Jul 2007 09:24:12 -0400
From: James Smart <James.Smart@...lex.Com>
To: Adrian Bunk <bunk@...sta.de>
CC: James Bottomley <James.Bottomley@...elEye.com>,
linux-kernel@...r.kernel.org, linux-scsi@...r.kernel.org,
Michal Piotrowski <michal.k.k.piotrowski@...il.com>
Subject: Re: 2.6.23 regression: lpfc_sli.c: off-by-10
Adrian,
Thanks.
Syntax-wise, it is incorrect. However there's no risk. The datastructure
its indexing into is a union, and its size is sufficient for the index.
The union supports old and new firmware interfaces. We mistakenly used the
array for the old interface and should have used the (larger) array for
the newer interface.
We're posting a set of fixes later this week and will include the fix for
this.
-- james s
Adrian Bunk wrote:
> The Coverity checker spotted the following off-by-10
> in drivers/scsi/lpfc/lpfc_sli.c:
>
>
> <-- snip -->
>
> ...
> static int
> lpfc_sli_process_unsol_iocb(struct lpfc_hba *phba, struct lpfc_sli_ring *pring,
> struct lpfc_iocbq *saveq)
> {
> ...
> saveq->context3 = lpfc_sli_replace_hbqbuff(phba,
> irsp->un.ulpWord[15]);
> ...
>
> <-- snip -->
>
>
> due to the following code in drivers/scsi/lpfc/lpfc_hw.h:
>
>
> <-- snip -->
>
> ...
> #define IOCB_WORD_SZ 8
> ...
> typedef struct _IOCB { /* IOCB structure */
> ...
> uint32_t ulpWord[IOCB_WORD_SZ - 2]; /* generic 6 'words' */
> ...
>
> <-- snip -->
>
>
> cu
> Adrian
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists