| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <063D6719AE5E284EB5DD2968C1650D6DD00B1167@AcuExch.aculab.com>
Date: Mon, 6 Nov 2017 10:27:55 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'David Miller' <davem@...emloft.net>,
"desnesn@...ux.vnet.ibm.com" <desnesn@...ux.vnet.ibm.com>
CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>,
"tlfalcon@...ux.vnet.ibm.com" <tlfalcon@...ux.vnet.ibm.com>,
"nfont@...ux.vnet.ibm.com" <nfont@...ux.vnet.ibm.com>,
"jallen@...ux.vnet.ibm.com" <jallen@...ux.vnet.ibm.com>
Subject: RE: [PATCH] [net-next,v2] ibmvnic: Feature implementation of Vital
Product Data (VPD) for the ibmvnic driver
From: David Miller
> Sent: 04 November 2017 13:21
> From: Desnes Augusto Nunes do Rosario <desnesn@...ux.vnet.ibm.com>
> Date: Wed, 1 Nov 2017 19:03:32 -0200
>
> > + substr = strnstr(adapter->vpd->buff, "RM", adapter->vpd->len);
> > + if (!substr) {
> > + dev_info(dev, "No FW level provided by VPD\n");
> > + complete(&adapter->fw_done);
> > + return;
> > + }
> > +
> > + /* get length of firmware level ASCII substring */
> > + fw_level_len = *(substr + 2);
> > +
> > + /* copy firmware version string from vpd into adapter */
> > + ptr = strncpy((char *)adapter->fw_version,
> > + substr + 3, fw_level_len);
>
> You have to be more careful here, making sure first that
> (substr + 2) < (adapter->vpd->buff + adapter->vpd->len),
> and next that (substr + 2 + fw_level_len) is in range
> as well.
And that the copy isn't longer than the target buffer.
David
Powered by blists - more mailing lists