| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0835B3720019904CB8F7AA43166CEEB251585A@RTITMBSV03.realtek.com.tw> Date: Wed, 20 Aug 2014 12:35:09 +0000 From: Hayes Wang <hayeswang@...ltek.com> To: Daniele Forsi <dforsi@...il.com> CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>, nic_swsd <nic_swsd@...ltek.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, USB list <linux-usb@...r.kernel.org> Subject: RE: [PATCH net-next 4/4] r8152: support firmware files Daniele Forsi [mailto:dforsi@...il.com] > Sent: Wednesday, August 20, 2014 8:01 PM > To: Hayes Wang > Cc: netdev@...r.kernel.org; nic_swsd; > linux-kernel@...r.kernel.org; USB list > Subject: Re: [PATCH net-next 4/4] r8152: support firmware files [...] > > + start = le32_to_cpu(fw_header->fw_start); > > + if (start > fw->size) > > + goto out; > > since "start" is an offset in an array of size "fw->size" this should > check for ">=" and if a command is at least cmd(2 bytes) + length(2 > bytes), shouldn't this check for "start >= fw->size - 4"? Is this necessary? Besides the check of the "start", there are checks of the "size" and rtl_fw_data_ok(). I think they cover the situations which you indicate. Best Regards, Hayes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists