From: Dawid Zielinski <dawid.zielin...@intel.com> Added length check against EEPROM size in words to prevent untrusted loop bound reported by static code analysis.
Signed-off-by: Dawid Zielinski <dawid.zielin...@intel.com> --- drivers/net/ixgbe/base/ixgbe_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/ixgbe/base/ixgbe_common.c b/drivers/net/ixgbe/base/ixgbe_common.c index a19f4d715c..73b5935d88 100644 --- a/drivers/net/ixgbe/base/ixgbe_common.c +++ b/drivers/net/ixgbe/base/ixgbe_common.c @@ -675,7 +675,7 @@ s32 ixgbe_read_pba_string_generic(struct ixgbe_hw *hw, u8 *pba_num, return ret_val; } - if (length == 0xFFFF || length == 0) { + if (length == 0xFFFF || length == 0 || length > hw->eeprom.word_size) { DEBUGOUT("NVM PBA number section invalid length\n"); return IXGBE_ERR_PBA_SECTION; } -- 2.43.0