lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 18 Oct 2007 07:35:46 -0700
From:	"Cahill, Ben M" <ben.m.cahill@...el.com>
To:	"Adrian Bunk" <bunk@...nel.org>, "Zhu, Yi" <yi.zhu@...el.com>
Cc:	<linux-wireless@...r.kernel.org>,
	<ipw3945-devel@...ts.sourceforge.net>,
	<linux-kernel@...r.kernel.org>
Subject: RE: [2.6 patch] iwl4965-base.c: fix off-by-one errors

ACK ... good catch.

-- Ben --

> -----Original Message-----
> From: linux-wireless-owner@...r.kernel.org 
> [mailto:linux-wireless-owner@...r.kernel.org] On Behalf Of Adrian Bunk
> Sent: Sunday, October 14, 2007 1:51 PM
> To: Zhu, Yi
> Cc: linux-wireless@...r.kernel.org; 
> ipw3945-devel@...ts.sourceforge.net; linux-kernel@...r.kernel.org
> Subject: [2.6 patch] iwl4965-base.c: fix off-by-one errors
> 
> This patch fixes two off-by-one errors resulting in array 
> overflows spotted by the Coverity checker.
> 
> Signed-off-by: Adrian Bunk <bunk@...nel.org>
> 
> ---
> 
>  drivers/net/wireless/iwlwifi/iwl4965-base.c |    8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> --- linux-2.6/drivers/net/wireless/iwlwifi/iwl4965-base.c.old	
> 2007-10-14 16:52:21.000000000 +0200
> +++ linux-2.6/drivers/net/wireless/iwlwifi/iwl4965-base.c	
> 2007-10-14 16:59:37.000000000 +0200
> @@ -4489,23 +4489,23 @@ static u8 ratio2dB[100] = {
>  	39, 39, 39, 39, 39, 40, 40, 40, 40, 40  /* 90 - 99 */  };
>  
>  /* Calculates a relative dB value from a ratio of linear
>   *   (i.e. not dB) signal levels.
>   * Conversion assumes that levels are voltages (20*log), not 
> powers (10*log). */  int iwl_calc_db_from_ratio(int sig_ratio)  {
> -	/* Anything above 1000:1 just report as 60 dB */
> -	if (sig_ratio > 1000)
> +	/* 1000:1 or higher just report as 60 dB */
> +	if (sig_ratio >= 1000)
>  		return 60;
>  
> -	/* Above 100:1, divide by 10 and use table,
> +	/* 100:1 or higher, divide by 10 and use table,
>  	 *   add 20 dB to make up for divide by 10 */
> -	if (sig_ratio > 100)
> +	if (sig_ratio >= 100)
>  		return (20 + (int)ratio2dB[sig_ratio/10]);
>  
>  	/* We shouldn't see this */
>  	if (sig_ratio < 1)
>  		return 0;
>  
>  	/* Use table for ratios 1:1 - 99:1 */
>  	return (int)ratio2dB[sig_ratio];
> 
> -
> To unsubscribe from this list: send the line "unsubscribe 
> linux-wireless" in the body of a message to 
> majordomo@...r.kernel.org More majordomo info at  
> http://vger.kernel.org/majordomo-info.html
> 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ