lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <309B89C4C689E141A5FF6A0C5FB2118B73140CF2@ORSMSX101.amr.corp.intel.com>
Date:	Tue, 21 Jan 2014 00:15:32 +0000
From:	"Brown, Aaron F" <aaron.f.brown@...el.com>
To:	"netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC:	"davem@...emloft.net" <davem@...emloft.net>
Subject: [net-next] [patch v2] i40e: potential array underflow in
 i40e_vc_process_vf_msg()]

I did not see this on the netdev list so forwarding from e1000-devel
with subject line changed, a Tested-by: and Signed-off-by added.

From: Dan Carpenter <dan.carpenter@...cle.com>
Reply-to: Dan Carpenter <dan.carpenter@...cle.com>
To: Jeff Kirsher <jeffrey.t.kirsher@...el.com>
Cc: kernel-janitors@...r.kernel.org, e1000-devel@...ts.sourceforge.net,
Bruce Allan <bruce.w.allan@...el.com>, Jesse Brandeburg
<jesse.brandeburg@...el.com>, Wei Yongjun
<yongjun_wei@...ndmicro.com.cn>, John Ronciak <john.ronciak@...el.com>
Subject: [E1000-devel] [patch v2] i40e: potential array underflow in
i40e_vc_process_vf_msg()
Date: Sat, 11 Jan 2014 12:58:42 +0300

If "vf_id" is smaller than hw->func_caps.vf_base_id then it leads to
an array underflow of the pf->vf[] array.  This is unlikely to happen
unless the hardware is bad, but it's a small change and it silences a
static checker warning.

Fixes: 7efa84b7abc1 ('i40e: support VFs on PFs other than 0')
Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
Tested-by: Sibai Li <sibai.li@...el.com>
Signed-off-by: Aaron Brown <aaron.f.brown@...el.com>
---
v2: rebased.  commit message updated.

diff --git a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
index 51a4f6125437..b77d7e79d977 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
@@ -1772,7 +1772,7 @@ int i40e_vc_process_vf_msg(struct i40e_pf *pf, u16 vf_id, u32 v_opcode,
 			   u32 v_retval, u8 *msg, u16 msglen)
 {
 	struct i40e_hw *hw = &pf->hw;
-	int local_vf_id = vf_id - hw->func_caps.vf_base_id;
+	unsigned int local_vf_id = vf_id - hw->func_caps.vf_base_id;
 	struct i40e_vf *vf;
 	int ret;
 

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today. 
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
E1000-devel mailing list
E1000-devel@...ts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/e1000-devel
To learn more about Intel&#174; Ethernet, visit http://communities.intel.com/community/wired

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ