| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20121207111045.GA9676@elgon.mountain> Date: Fri, 7 Dec 2012 14:10:46 +0300 From: Dan Carpenter <dan.carpenter@...cle.com> To: Stephen Hemminger <shemminger@...tta.com> Cc: "David S. Miller" <davem@...emloft.net>, bridge@...ts.linux-foundation.org, netdev@...r.kernel.org, kernel-janitors@...r.kernel.org, Thomas Graf <tgraf@...g.ch> Subject: [patch v2] bridge: make buffer larger in br_setlink() We pass IFLA_BRPORT_MAX to nla_parse_nested() so we need IFLA_BRPORT_MAX + 1 elements. Also Smatch complains that we read past the end of the array when in br_set_port_flag() when it's called with IFLA_BRPORT_FAST_LEAVE. Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com> --- v2: Style tweak. Only needed in linux-next. diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c index 850b7d1..cfc5cfe 100644 --- a/net/bridge/br_netlink.c +++ b/net/bridge/br_netlink.c @@ -239,7 +239,7 @@ int br_setlink(struct net_device *dev, struct nlmsghdr *nlh) struct ifinfomsg *ifm; struct nlattr *protinfo; struct net_bridge_port *p; - struct nlattr *tb[IFLA_BRPORT_MAX]; + struct nlattr *tb[IFLA_BRPORT_MAX + 1]; int err; ifm = nlmsg_data(nlh); -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists