| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 Aug 2020 20:15:04 -0700
From: Florian Fainelli <f.fainelli@...il.com>
To: Markus Mayer <markus.mayer@...adcom.com>,
Colin Ian King <colin.king@...onical.com>,
Krzysztof Kozlowski <krzk@...nel.org>
Cc: BCM Kernel Feedback <bcm-kernel-feedback-list@...adcom.com>,
Linux ARM Kernel <linux-arm-kernel@...ts.infradead.org>,
Linux Kernel <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] memory: brcmstb_dpfe: fix array index out of bounds
On 8/20/2020 6:03 PM, Markus Mayer wrote:
> We would overrun the error_text array if we hit a TIMEOUT condition,
> because we were using the error code "ETIMEDOUT" (which is 110) as an
> array index.
>
> We fix the problem by correcting the array index and by providing a
> function to retrieve error messages rather than accessing the array
> directly. The function includes a bounds check that prevents the array
> from being overrun.
>
> Signed-off-by: Markus Mayer <mmayer@...adcom.com>
Acked-by: Florian Fainelli <f.fainelli@...il.com>
Fixes: 2f330caff577 ("memory: brcmstb: Add driver for DPFE")
Reported-by: Colin Ian King <colin.king@...onical.com>
(Colin, was there a specific coverity ID you wanted to use?)
--
Florian
Powered by blists - more mailing lists