> +static int hinic_get_module_eeprom(struct net_device *netdev,
> + struct ethtool_eeprom *ee, u8 *data)
> +{
> + struct hinic_dev *nic_dev = netdev_priv(netdev);
> + u8 sfp_data[STD_SFP_INFO_MAX_SIZE];
sfp_data will contain whatever is on the stack.
> + u16 len;
> + int err;
> +
> + if (!ee->len || ((ee->len + ee->offset) > STD_SFP_INFO_MAX_SIZE))
> + return -EINVAL;
> +
> + memset(data, 0, ee->len);
This clears what you are going to return.
> +
> + err = hinic_get_sfp_eeprom(nic_dev->hwdev, sfp_data, &len);
Upto len bytes of sfp_data now contain useful data. The rest of sfp_data is still stack data.
> + if (err)
> + return err;
> +
> + memcpy(data, sfp_data + ee->offset, ee->len);
If len < ee->len, you have just returned to user space some stack data.
Andrew
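Review bot: The bounds check `(ee->len + ee->offset) > STD_SFP_INFO_MAX_SIZE` adds two fields that are 32-bit unsigned in `struct ethtool_eeprom`, so the sum can wrap; a large `offset` would then pass the check and the later `memcpy` would read from `sfp_data + ee->offset`, well outside the array. The ethtool core may already reject such a request before the driver callback runs, but nothing in the quoted lines shows that, and a wrap-free comparison costs nothing: `if (!ee->len || ee->offset > STD_SFP_INFO_MAX_SIZE || ee->len > STD_SFP_INFO_MAX_SIZE - ee->offset) return -EINVAL;`. The function's remaining lines are outside the quoted hunk.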