| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YnU2gHe+QZOAuNyV@kili>
Date: Fri, 6 May 2022 17:53:52 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Dipen Patel <dipenp@...dia.com>
Cc: Thierry Reding <treding@...dia.com>, linux-kernel@...r.kernel.org,
kernel-janitors@...r.kernel.org
Subject: [PATCH 1/2] hte: fix off by one in hte_push_ts_ns()
The &chip->gdev->ei[] array has chip->nlines elements so this >
comparison needs to be >= to prevent an out of bounds access. The
gdev->ei[] array is allocated in hte_register_chip().
Fixes: 31ab09b42188 ("drivers: Add hardware timestamp engine (HTE) subsystem")
Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
---
drivers/hte/hte.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/hte/hte.c b/drivers/hte/hte.c
index 891b98ad609e..a14c5bf290ff 100644
--- a/drivers/hte/hte.c
+++ b/drivers/hte/hte.c
@@ -811,7 +811,7 @@ int hte_push_ts_ns(const struct hte_chip *chip, u32 xlated_id,
if (!chip || !data || !chip->gdev)
return -EINVAL;
- if (xlated_id > chip->nlines)
+ if (xlated_id >= chip->nlines)
return -EINVAL;
ei = &chip->gdev->ei[xlated_id];
--
2.35.1
Powered by blists - more mailing lists