| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <52AB3D86.2040706@linux.com> Date: Fri, 13 Dec 2013 18:01:58 +0100 From: Levente Kurusa <levex@...ux.com> To: Yu Chen <chyyuu@...il.com>, linux-kernel@...r.kernel.org CC: megaraidlinux@....com, xiaoqixue_1 <xiaoqixue_1@....com>, 范文良 <fanwlexca@...il.com> Subject: Re: [PATCH] scsi: integer overflow in megadev_ioctl() Hi, On 12/13/2013 05:55 PM, Yu Chen wrote: > drivers/scsi/megaraid.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/scsi/megaraid.c b/drivers/scsi/megaraid.c > index 816db12..41bbc21 100644 > --- a/drivers/scsi/megaraid.c > +++ b/drivers/scsi/megaraid.c > @@ -3113,7 +3113,8 @@ megadev_ioctl(struct file *filep, unsigned int > cmd, unsigned long arg) > /* > * Which adapter > */ > - if( (adapno = GETADAP(uioc.adapno)) >= hba_count ) > + adapno = GETADAP(uioc.adapno); > + if( adapno >= hba_count || adapno < 0 ) > return (-ENODEV); Wouldn't returning -EINVAL be better? For hba_count I understand that -ENODEV is returned but for adapno being a passed variable, I would suggest returning -EINVAL. -- Regards, Levente Kurusa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists