| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20081121.165700.138867321.davem@davemloft.net> Date: Fri, 21 Nov 2008 16:57:00 -0800 (PST) From: David Miller <davem@...emloft.net> To: jeffrey.t.kirsher@...el.com Cc: netdev@...r.kernel.org, jeff@...zik.org, bruce.w.allan@...el.com Subject: Re: [NET-NEXT PATCH 09/14] e1000e: fix possible buffer overflow From: Jeff Kirsher <jeffrey.t.kirsher@...el.com> Date: Fri, 21 Nov 2008 11:01:28 -0800 > From: Bruce Allan <bruce.w.allan@...el.com> > > Put in missing bounds checking of an array. > > Signed-off-by: Bruce Allan <bruce.w.allan@...el.com> > Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@...el.com> No magic constants, please. What does the "+ 5" mean? And using a macro that is: 1) Used in exactly one place 2) Gives no more information than the expanded ARRAY_SIZE() is pretty useless as well. Patch not applied. > @@ -721,6 +723,9 @@ static s32 e1000_get_cable_length_80003es2lan(struct e1000_hw *hw) > return ret_val; > > index = phy_data & GG82563_DSPD_CABLE_LENGTH; > + if (index >= GG82563_CABLE_LENGTH_TABLE_SIZE + 5) > + return E1000_ERR_PHY; > + > phy->min_cable_length = e1000_gg82563_cable_length_table[index]; > phy->max_cable_length = e1000_gg82563_cable_length_table[index+5]; > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists