Page MenuHomeFreeBSD

sfxge(4): check buffer size for hash flags
ClosedPublic

Authored by arybchik on Nov 21 2018, 11:56 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Sep 26, 6:50 PM
Unknown Object (File)
Sep 13 2025, 10:23 PM
Unknown Object (File)
Sep 13 2025, 5:03 PM
Unknown Object (File)
Sep 13 2025, 4:20 PM
Unknown Object (File)
Sep 13 2025, 9:14 AM
Unknown Object (File)
Sep 13 2025, 7:01 AM
Unknown Object (File)
Sep 13 2025, 1:41 AM
Unknown Object (File)
Aug 30 2025, 5:17 PM
Subscribers

Details

Summary

The efx_rx_scale_hash_flags_get interface is unsafe, as it does not
have an argument for the size of the output buffer used to return
the flags. While the only caller currently supplies a sufficiently
large buffer, this should be checked at runtime to avoid writing
past the end of the buffer.

Submitted by: Ivan Malov <ivan.malov at oktetlabs.ru>
Sponsored by: Solarflare Communications, Inc.

Test Plan

amd64 tinderbox kernel builds tested
driver loaded/unloaded, interfaces up/down, traffic works fine

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

This revision was not accepted when it landed; it landed in state Needs Review.Nov 30 2018, 7:07 AM
This revision was automatically updated to reflect the committed changes.