[PATCH v2][next] octeontx2-pf: Fix out-of-bounds read warning in otx2_get_fecparam()

Fri, 12 Feb 2021 08:20:45 -0800 


Looks good to me.

Thanks,
Hariprasad k

> -----Original Message-----
> From: Gustavo A. R. Silva <gustavo...@kernel.org>
> Sent: Friday, February 12, 2021 8:36 PM
> To: Sunil Kovvuri Goutham <sgout...@marvell.com>; Geethasowjanya
> Akula <gak...@marvell.com>; Subbaraya Sundeep Bhatta
> <sbha...@marvell.com>; Hariprasad Kelam <hke...@marvell.com>; David
> S. Miller <da...@davemloft.net>; Jakub Kicinski <k...@kernel.org>; Jesse
> Brandeburg <jesse.brandeb...@intel.com>; Christina Jacob
> <cja...@marvell.com>
> Cc: net...@vger.kernel.org; linux-kernel@vger.kernel.org; Gustavo A. R.
> Silva <gustavo...@kernel.org>
> Subject: [EXT] [PATCH v2][next] octeontx2-pf: Fix out-of-bounds read
> warning in otx2_get_fecparam()
> 
> Line at 967 implies that rsp->fwdata.supported_fec may be up to 4:
> 
> if (rsp->fwdata.supported_fec <= FEC_MAX_INDEX)
> 
> which would cause an out-of-bounds read at line 971:
> 
> fecparam->fec = fec[rsp->fwdata.supported_fec];
> 
> However, the range of values for rsp->fwdata.supported_fec is
> 0 to 3. Fix the if condition at line 967, accordingly.
> 
> Link: https://urldefense.proofpoint.com/v2/url?u=https-
> 3A__lore.kernel.org_lkml_MWHPR18MB142173B5F0541ABD3D59860CDE8B9
> -
> 40MWHPR18MB1421.namprd18.prod.outlook.com_&d=DwIBAg&c=nKjWec2
> b6R0mOyPaz7xtfQ&r=2bd4kP44ECYFgf-
> KoNSJWqEipEtpxXnNBKy0vyoJJ8A&m=S9J3c0FowK6hmviWeihiqhoU9VJSXsvD
> OP4d3JS7Y2g&s=EUu3u67l555Q6zXvfGl9niuUM-ulJm4Ipe8KLWvNioQ&e=
> Fixes: d0cf9503e908 ("octeontx2-pf: ethtool fec mode support")
> Addresses-Coverity-ID: 1501722 ("Out-of-bounds read")
> Suggested-by: Hariprasad Kelam <hke...@marvell.com>
> Signed-off-by: Gustavo A. R. Silva <gustavo...@kernel.org>
> ---
> Changes in v2:
>  - Fix if condition.
> 
>  drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
> b/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
> index 237e5d3321d4..f4962a97a075 100644
> --- a/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
> +++ b/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
> @@ -964,7 +964,7 @@ static int otx2_get_fecparam(struct net_device
> *netdev,
>       if (IS_ERR(rsp))
>               return PTR_ERR(rsp);
> 
> -     if (rsp->fwdata.supported_fec <= FEC_MAX_INDEX) {
> +     if (rsp->fwdata.supported_fec < FEC_MAX_INDEX) {
>               if (!rsp->fwdata.supported_fec)
>                       fecparam->fec = ETHTOOL_FEC_NONE;
>               else
> --
> 2.27.0

Reply via email to