[PATCH v1 19/22] net/ixgbe/base: prevent untrusted loop bound

Anatoly Burakov anatoly.burakov at intel.com
Wed Apr 24 15:21:53 CEST 2024

Previous message (by thread): [PATCH v1 18/22] net/ixgbe/base: improve SWFW semaphore acquisition
Next message (by thread): [PATCH v1 20/22] net/ixgbe/base: add IXGBE_ADVTXD_MACLEN_MASK macro
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Dawid Zielinski <dawid.zielinski at intel.com>

Added length check against EEPROM size in words to prevent untrusted
loop bound reported by static code analysis.

Signed-off-by: Dawid Zielinski <dawid.zielinski at intel.com>
---
 drivers/net/ixgbe/base/ixgbe_common.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/ixgbe/base/ixgbe_common.c b/drivers/net/ixgbe/base/ixgbe_common.c
index a19f4d715c..73b5935d88 100644
--- a/drivers/net/ixgbe/base/ixgbe_common.c
+++ b/drivers/net/ixgbe/base/ixgbe_common.c
@@ -675,7 +675,7 @@ s32 ixgbe_read_pba_string_generic(struct ixgbe_hw *hw, u8 *pba_num,
 		return ret_val;
 	}
 
-	if (length == 0xFFFF || length == 0) {
+	if (length == 0xFFFF || length == 0 || length > hw->eeprom.word_size) {
 		DEBUGOUT("NVM PBA number section invalid length\n");
 		return IXGBE_ERR_PBA_SECTION;
 	}
-- 
2.43.0

Previous message (by thread): [PATCH v1 18/22] net/ixgbe/base: improve SWFW semaphore acquisition
Next message (by thread): [PATCH v1 20/22] net/ixgbe/base: add IXGBE_ADVTXD_MACLEN_MASK macro
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list