lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20110215.121553.112596232.davem@davemloft.net>
Date:	Tue, 15 Feb 2011 12:15:53 -0800 (PST)
From:	David Miller <davem@...emloft.net>
To:	miltonm@....com
Cc:	linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
	tj@...nel.org, isdn@...ux-pingi.de, jj@...osbits.net
Subject: Re: potential null pointer dereference in
 drivers/isdn/hisax/isdnl2.c

From: Milton Miller <miltonm@....com>
Date: Tue, 15 Feb 2011 14:09:16 -0600

> On Mon, 14 Feb 2011 00:53:09 -0000, Dave Miler wrote:
>> diff --git a/drivers/isdn/hisax/isdnl2.c b/drivers/isdn/hisax/isdnl2.c
>> index 0858791..98ac835 100644
>> --- a/drivers/isdn/hisax/isdnl2.c
>> +++ b/drivers/isdn/hisax/isdnl2.c
>> @@ -1243,14 +1243,21 @@ l2_st7_tout_203(struct FsmInst *fi, int event, void *arg)
>>  	st->l2.rc = 0;
>>  }
>>  
>> +static int l2_hdr_space_needed(struct Layer2 *l2)
>> +{
>> +	int len = test_bit(FLG_LAPD, &l2->flag) ? 2 : 1;
>> +
>> +	return len + (test_bit(FLG_LAPD, &l2->flag) ? 2 : 1);
>> +}
>> +
> 
> That struck me as an funny way to write 2 * len, so I finally looked
> at the code.  I think one of those should be FLG_MOD128, but then
> at that point why not use the existing l2headersize(l2, ui) with
> ui = 0?
> 
> I see this is in linux-next of Feb 15, 2011.

Good catch, thanks.  I'll fix this.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ