lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <5cd9c68fc1514a1132e20e088ced841d722fef88.1547878835.git.igor.russkikh@aquantia.com> Date: Mon, 21 Jan 2019 14:53:44 +0000 From: Igor Russkikh <Igor.Russkikh@...antia.com> To: "David S . Miller" <davem@...emloft.net> CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>, Igor Russkikh <Igor.Russkikh@...antia.com>, Nikita Danilov <Nikita.Danilov@...antia.com> Subject: [PATCH net 1/5] net: aquantia: fixed memcpy size From: Nikita Danilov <nikita.danilov@...antia.com> Not careful array dereference caused analysis tools to think there could be memory overflow. There was actually no corruption because the array is two dimensional. drivers/net/ethernet/aquantia/atlantic/aq_ethtool.c: 140 aq_ethtool_get_strings() error: memcpy() '*aq_ethtool_stat_names' too small (32 vs 704) Signed-off-by: Nikita Danilov <nikita.danilov@...antia.com> Signed-off-by: Igor Russkikh <igor.russkikh@...antia.com> --- drivers/net/ethernet/aquantia/atlantic/aq_ethtool.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/ethernet/aquantia/atlantic/aq_ethtool.c b/drivers/net/ethernet/aquantia/atlantic/aq_ethtool.c index 38e87eed76b9..a718d7a1f76c 100644 --- a/drivers/net/ethernet/aquantia/atlantic/aq_ethtool.c +++ b/drivers/net/ethernet/aquantia/atlantic/aq_ethtool.c @@ -138,7 +138,7 @@ static void aq_ethtool_get_strings(struct net_device *ndev, u8 *p = data; if (stringset == ETH_SS_STATS) { - memcpy(p, *aq_ethtool_stat_names, + memcpy(p, aq_ethtool_stat_names, sizeof(aq_ethtool_stat_names)); p = p + sizeof(aq_ethtool_stat_names); for (i = 0; i < cfg->vecs; i++) { -- 2.17.1
Powered by blists - more mailing lists