* [PATCH v2][next] octeontx2-pf: Fix out-of-bounds read warning in otx2_get_fecparam()
@ 2021-02-12 16:18 Hariprasad Kelam
0 siblings, 0 replies; 2+ messages in thread
From: Hariprasad Kelam @ 2021-02-12 16:18 UTC (permalink / raw)
To: Gustavo A. R. Silva, Sunil Kovvuri Goutham, Geethasowjanya Akula,
Subbaraya Sundeep Bhatta, David S. Miller, Jakub Kicinski,
Jesse Brandeburg, Christina Jacob
Cc: netdev, linux-kernel
Looks good to me.
Thanks,
Hariprasad k
> -----Original Message-----
> From: Gustavo A. R. Silva <gustavoars@kernel.org>
> Sent: Friday, February 12, 2021 8:36 PM
> To: Sunil Kovvuri Goutham <sgoutham@marvell.com>; Geethasowjanya
> Akula <gakula@marvell.com>; Subbaraya Sundeep Bhatta
> <sbhatta@marvell.com>; Hariprasad Kelam <hkelam@marvell.com>; David
> S. Miller <davem@davemloft.net>; Jakub Kicinski <kuba@kernel.org>; Jesse
> Brandeburg <jesse.brandeburg@intel.com>; Christina Jacob
> <cjacob@marvell.com>
> Cc: netdev@vger.kernel.org; linux-kernel@vger.kernel.org; Gustavo A. R.
> Silva <gustavoars@kernel.org>
> Subject: [EXT] [PATCH v2][next] octeontx2-pf: Fix out-of-bounds read
> warning in otx2_get_fecparam()
>
> Line at 967 implies that rsp->fwdata.supported_fec may be up to 4:
>
> if (rsp->fwdata.supported_fec <= FEC_MAX_INDEX)
>
> which would cause an out-of-bounds read at line 971:
>
> fecparam->fec = fec[rsp->fwdata.supported_fec];
>
> However, the range of values for rsp->fwdata.supported_fec is
> 0 to 3. Fix the if condition at line 967, accordingly.
>
> Link: https://urldefense.proofpoint.com/v2/url?u=https-
> 3A__lore.kernel.org_lkml_MWHPR18MB142173B5F0541ABD3D59860CDE8B9
> -
> 40MWHPR18MB1421.namprd18.prod.outlook.com_&d=DwIBAg&c=nKjWec2
> b6R0mOyPaz7xtfQ&r=2bd4kP44ECYFgf-
> KoNSJWqEipEtpxXnNBKy0vyoJJ8A&m=S9J3c0FowK6hmviWeihiqhoU9VJSXsvD
> OP4d3JS7Y2g&s=EUu3u67l555Q6zXvfGl9niuUM-ulJm4Ipe8KLWvNioQ&e=
> Fixes: d0cf9503e908 ("octeontx2-pf: ethtool fec mode support")
> Addresses-Coverity-ID: 1501722 ("Out-of-bounds read")
> Suggested-by: Hariprasad Kelam <hkelam@marvell.com>
> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
> ---
> Changes in v2:
> - Fix if condition.
>
> drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
> b/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
> index 237e5d3321d4..f4962a97a075 100644
> --- a/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
> +++ b/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
> @@ -964,7 +964,7 @@ static int otx2_get_fecparam(struct net_device
> *netdev,
> if (IS_ERR(rsp))
> return PTR_ERR(rsp);
>
> - if (rsp->fwdata.supported_fec <= FEC_MAX_INDEX) {
> + if (rsp->fwdata.supported_fec < FEC_MAX_INDEX) {
> if (!rsp->fwdata.supported_fec)
> fecparam->fec = ETHTOOL_FEC_NONE;
> else
> --
> 2.27.0
^ permalink raw reply [flat|nested] 2+ messages in thread
* [PATCH v2][next] octeontx2-pf: Fix out-of-bounds read warning in otx2_get_fecparam()
@ 2021-02-12 15:06 Gustavo A. R. Silva
0 siblings, 0 replies; 2+ messages in thread
From: Gustavo A. R. Silva @ 2021-02-12 15:06 UTC (permalink / raw)
To: Sunil Goutham, Geetha sowjanya, Subbaraya Sundeep, hariprasad,
David S. Miller, Jakub Kicinski, Jesse Brandeburg,
Christina Jacob
Cc: netdev, linux-kernel, Gustavo A. R. Silva
Line at 967 implies that rsp->fwdata.supported_fec may be up to 4:
if (rsp->fwdata.supported_fec <= FEC_MAX_INDEX)
which would cause an out-of-bounds read at line 971:
fecparam->fec = fec[rsp->fwdata.supported_fec];
However, the range of values for rsp->fwdata.supported_fec is
0 to 3. Fix the if condition at line 967, accordingly.
Link: https://lore.kernel.org/lkml/MWHPR18MB142173B5F0541ABD3D59860CDE8B9@MWHPR18MB1421.namprd18.prod.outlook.com/
Fixes: d0cf9503e908 ("octeontx2-pf: ethtool fec mode support")
Addresses-Coverity-ID: 1501722 ("Out-of-bounds read")
Suggested-by: Hariprasad Kelam <hkelam@marvell.com>
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
---
Changes in v2:
- Fix if condition.
drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c b/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
index 237e5d3321d4..f4962a97a075 100644
--- a/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
+++ b/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
@@ -964,7 +964,7 @@ static int otx2_get_fecparam(struct net_device *netdev,
if (IS_ERR(rsp))
return PTR_ERR(rsp);
- if (rsp->fwdata.supported_fec <= FEC_MAX_INDEX) {
+ if (rsp->fwdata.supported_fec < FEC_MAX_INDEX) {
if (!rsp->fwdata.supported_fec)
fecparam->fec = ETHTOOL_FEC_NONE;
else
--
2.27.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-02-12 16:20 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-12 16:18 [PATCH v2][next] octeontx2-pf: Fix out-of-bounds read warning in otx2_get_fecparam() Hariprasad Kelam
-- strict thread matches above, loose matches on Subject: below --
2021-02-12 15:06 Gustavo A. R. Silva
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.