[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240828-e810-live-migration-jk-prep-ctx-functions-v2-1-558ab9e240f5@intel.com>
Date: Wed, 28 Aug 2024 13:57:17 -0700
From: Jacob Keller <jacob.e.keller@...el.com>
To: Vladimir Oltean <olteanv@...il.com>, netdev <netdev@...r.kernel.org>,
Anthony Nguyen <anthony.l.nguyen@...el.com>,
Intel Wired LAN <intel-wired-lan@...ts.osuosl.org>
Cc: Przemek Kitszel <przemyslaw.kitszel@...el.com>
Subject: [PATCH iwl-next v2 01/13] lib: packing: refuse operating on bit
indices which exceed size of buffer
From: Vladimir Oltean <vladimir.oltean@....com>
While reworking the implementation, it became apparent that this check
does not exist.
There is no functional issue yet, because at call sites, "startbit" and
"endbit" are always hardcoded to correct values, and never come from the
user.
Even with the upcoming support of arbitrary buffer lengths, the
"startbit >= 8 * pbuflen" check will remain correct. This is because
we intend to always interpret the packed buffer in a way that avoids
discontinuities in the available bit indices.
Fixes: 554aae35007e ("lib: Add support for generic packing operations")
Signed-off-by: Vladimir Oltean <vladimir.oltean@....com>
Tested-by: Jacob Keller <jacob.e.keller@...el.com>
Signed-off-by: Jacob Keller <jacob.e.keller@...el.com>
Reviewed-by: Przemek Kitszel <przemyslaw.kitszel@...el.com>
---
lib/packing.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/packing.c b/lib/packing.c
index 3f656167c17e..439125286d2b 100644
--- a/lib/packing.c
+++ b/lib/packing.c
@@ -86,8 +86,10 @@ int packing(void *pbuf, u64 *uval, int startbit, int endbit, size_t pbuflen,
*/
int plogical_first_u8, plogical_last_u8, box;
- /* startbit is expected to be larger than endbit */
- if (startbit < endbit)
+ /* startbit is expected to be larger than endbit, and both are
+ * expected to be within the logically addressable range of the buffer.
+ */
+ if (unlikely(startbit < endbit || startbit >= 8 * pbuflen || endbit < 0))
/* Invalid function call */
return -EINVAL;
--
2.46.0.124.g2dc1a81c8933
Powered by blists - more mailing lists