subject:"\[PATCH\]\[next\] octeontx2\-pf\: Fix out\-of\-bounds read in otx2_get_fecparam\(\)"

[PATCH][next] octeontx2-pf: Fix out-of-bounds read in otx2_get_fecparam()

2021-02-12 Thread Hariprasad Kelam

; Jesse > Brandeburg ; Christina Jacob > > Cc: net...@vger.kernel.org; linux-kernel@vger.kernel.org; Gustavo A. R. > Silva ; linux-harden...@vger.kernel.org > Subject: [EXT] [PATCH][next] octeontx2-pf: Fix out-of-bounds read in >

[PATCH][next] octeontx2-pf: Fix out-of-bounds read in otx2_get_fecparam()

2021-02-12 Thread Gustavo A. R. Silva

Code at line 967 implies that rsp->fwdata.supported_fec may be up to 4: 967: if (rsp->fwdata.supported_fec <= FEC_MAX_INDEX) If rsp->fwdata.supported_fec evaluates to 4, then there is an out-of-bounds read at line 971 because fec is an array with a maximum of 4 elements: 954 const int