| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1510294396.5405.11.camel@mellanox.com>
Date: Fri, 10 Nov 2017 15:13:16 +0900
From: Saeed Mahameed <saeedm@...lanox.com>
To: Or Gerlitz <gerlitz.or@...il.com>, Kamal Heib <kamalh@...lanox.com>
Cc: Linux Netdev List <netdev@...r.kernel.org>,
David Miller <davem@...emloft.net>,
Yevgeny Kliteynik <kliteyn@...lanox.com>
Subject: Re: [net 3/6] net/mlx5: FPGA, return -EINVAL if size is zero
On Thu, 2017-11-09 at 18:12 +0900, Or Gerlitz wrote:
> On Thu, Nov 9, 2017 at 4:43 PM, Kamal Heib <kamalh@...lanox.com>
> wrote:
> > On Wed, 2017-11-08 at 23:13 +0900, Or Gerlitz wrote:
> > > On Wed, Nov 8, 2017 at 4:21 PM, Saeed Mahameed <saeedm@...lanox.c
> > > om>
> > > wrote:
> > > > From: Kamal Heib <kamalh@...lanox.com>
> > > >
> > > > In the current code, if a size of zero is passed to
> > > > mlx5_fpga_mem_{read|write}_i2c() functions the "err"
> > >
> > > Don't we need to fix the call site where zero size is provided
> > > and
> > > not
> > > in called function?
> > >
> >
> > Isn't sending down a zero size a sign for a bug which we are not
> > fixing?
> > >
> >
> > Both functions are called from an exported symbols. so I think the
> > size
> > validation should be within this two functions just like the case
> > of
> > checking that mdev isn't set.
>
> mmm, I see exported to who exactly? how are they being called, by
> func pointer?
> can you point to the call sites?
Or, are you ok with this patch ? I would like to post V2 with the
reviewed-by tag fix.
Powered by blists - more mailing lists