| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3360b179-aaf6-d126-dd40-e1f7e81ac27d@canonical.com>
Date: Fri, 2 Aug 2019 18:12:17 +0100
From: Colin Ian King <colin.king@...onical.com>
To: "Allan, Bruce W" <bruce.w.allan@...el.com>,
"Kirsher, Jeffrey T" <jeffrey.t.kirsher@...el.com>,
"David S . Miller" <davem@...emloft.net>,
"intel-wired-lan@...ts.osuosl.org" <intel-wired-lan@...ts.osuosl.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Cc: "kernel-janitors@...r.kernel.org" <kernel-janitors@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [Intel-wired-lan] [PATCH][net-next] ice: fix potential infinite
loop
On 02/08/2019 18:07, Allan, Bruce W wrote:
>> -----Original Message-----
>> From: Intel-wired-lan [mailto:intel-wired-lan-bounces@...osl.org] On Behalf
>> Of Colin King
>> Sent: Friday, August 02, 2019 8:52 AM
>> To: Kirsher, Jeffrey T <jeffrey.t.kirsher@...el.com>; David S . Miller
>> <davem@...emloft.net>; intel-wired-lan@...ts.osuosl.org;
>> netdev@...r.kernel.org
>> Cc: kernel-janitors@...r.kernel.org; linux-kernel@...r.kernel.org
>> Subject: [Intel-wired-lan] [PATCH][net-next] ice: fix potential infinite loop
>>
>> From: Colin Ian King <colin.king@...onical.com>
>>
>> The loop counter of a for-loop is a u8 however this is being compared
>> to an int upper bound and this can lead to an infinite loop if the
>> upper bound is greater than 255 since the loop counter will wrap back
>> to zero. Fix this potential issue by making the loop counter an int.
>>
>> Addresses-Coverity: ("Infinite loop")
>
> Actually, num_alloc_vfs should probably be a u16 instead of an int since num_alloc_vfs cannot exceed 256.
>
> Which Coverity scan reported this and what options are used in the analysis?
One that I run in a private coverity scan with scan analysis cranked up
high on linux-next, so the report is not public.
Colin
>
>> Fixes: c7aeb4d1b9bf ("ice: Disable VFs until reset is completed")
>> Signed-off-by: Colin Ian King <colin.king@...onical.com>
>> ---
>> drivers/net/ethernet/intel/ice/ice_main.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/net/ethernet/intel/ice/ice_main.c
>> b/drivers/net/ethernet/intel/ice/ice_main.c
>> index c26e6a102dac..088543d50095 100644
>> --- a/drivers/net/ethernet/intel/ice/ice_main.c
>> +++ b/drivers/net/ethernet/intel/ice/ice_main.c
>> @@ -488,7 +488,7 @@ static void
>> ice_prepare_for_reset(struct ice_pf *pf)
>> {
>> struct ice_hw *hw = &pf->hw;
>> - u8 i;
>> + int i;
>>
>> /* already prepared for reset */
>> if (test_bit(__ICE_PREPARED_FOR_RESET, pf->state))
>> --
>> 2.20.1
>>
>> _______________________________________________
>> Intel-wired-lan mailing list
>> Intel-wired-lan@...osl.org
>> https://lists.osuosl.org/mailman/listinfo/intel-wired-lan
Powered by blists - more mailing lists