| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 7 Jun 2019 18:31:07 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: David Ahern <dsahern@...nel.org>
Cc: "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
kernel-janitors@...r.kernel.org
Subject: [PATCH v2 next] nexthop: off by one in nexthop_mpath_select()
The nhg->nh_entries[] array is allocated in nexthop_grp_alloc() and it
has nhg->num_nh elements so this check should be >= instead of >.
Fixes: 430a049190de ("nexthop: Add support for nexthop groups")
Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
Reviewed-by: David Ahern <dsahern@...il.com>
---
v2: Use the correct Fixes tag
include/net/nexthop.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/net/nexthop.h b/include/net/nexthop.h
index aff7b2410057..e019ed9b3dc3 100644
--- a/include/net/nexthop.h
+++ b/include/net/nexthop.h
@@ -160,7 +160,7 @@ struct nexthop *nexthop_mpath_select(const struct nexthop *nh, int nhsel)
/* for_nexthops macros in fib_semantics.c grabs a pointer to
* the nexthop before checking nhsel
*/
- if (nhsel > nhg->num_nh)
+ if (nhsel >= nhg->num_nh)
return NULL;
return nhg->nh_entries[nhsel].nh;
--
2.20.1
Powered by blists - more mailing lists