Page MenuHomeFreeBSD
Differential D22859

oce: Tighten input validation for SIOCGI2C.
ClosedPublic
Actions

Authored by markj on Dec 17 2019, 9:24 PM.
Tags
None
Referenced Files
F103219024: D22859.id65760.diff
Fri, Nov 22, 8:35 AM
F103219019: D22859.id.diff
Fri, Nov 22, 8:35 AM
F103219002: D22859.id65787.diff
Fri, Nov 22, 8:35 AM
F103217489: D22859.diff
Fri, Nov 22, 8:15 AM
Unknown Object (File)
Thu, Nov 21, 4:00 PM
Unknown Object (File)
Oct 15 2024, 5:00 PM
Unknown Object (File)
Oct 1 2024, 6:15 PM
Unknown Object (File)
Oct 1 2024, 6:15 PM
View All 52 Files
Subscribers
emaste
imp

Details

Reviewers
delphij
ram
Commits
rS355885: oce: Tighten input validation in the SIOCGI2C handler.
Summary

We need to ensure that we do not read past the end of
sfp_vpd_dump_buffer. Currently it is possible to read 8 bytes beyond
its end. Note that the offset and length are uint8_t's.

Reported by: Ilja Van Sprundel <ivansprundel@ioactive.com>
MFC after: 3 days
Sponsored by: The FreeBSD Foundation

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
head/
sys/
dev/
oce/
17 lines

Diff 65787

View Options

head/sys/dev/oce/oce_if.c

Loading...