| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20220617050101.37620-1-huzh@nyu.edu>
Date: Fri, 17 Jun 2022 01:01:02 -0400
From: HighW4y2H3ll <huzh@....edu>
To: "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>
Cc: HighW4y2H3ll <huzh@....edu>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH v2] Fix buffer overflow in hinic_devlink.c:hinic_flash_fw
Signed-off-by: zhenghao hu <huzh@....edu>
---
drivers/net/ethernet/huawei/hinic/hinic_port.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/huawei/hinic/hinic_port.h b/drivers/net/ethernet/huawei/hinic/hinic_port.h
index c9ae3d4dc547..4a50e75a2424 100644
--- a/drivers/net/ethernet/huawei/hinic/hinic_port.h
+++ b/drivers/net/ethernet/huawei/hinic/hinic_port.h
@@ -13,6 +13,7 @@
#include <linux/bitops.h>
#include "hinic_dev.h"
+#include "hinic_devlink.h"
#define HINIC_RSS_KEY_SIZE 40
#define HINIC_RSS_INDIR_SIZE 256
@@ -751,7 +752,7 @@ struct hinic_cmd_update_fw {
u32 setion_total_len;
u32 fw_section_version;
u32 section_offset;
- u32 data[384];
+ u32 data[MAX_FW_FRAGMENT_LEN];
};
int hinic_port_add_mac(struct hinic_dev *nic_dev, const u8 *addr,
--
2.35.1
Powered by blists - more mailing lists