Page MenuHomeFreeBSD
Differential D54177

lio: Avoid out-of-bounds read or write MAC address
ClosedPublic
Actions

Authored by zlei on Dec 11 2025, 4:24 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Jan 15, 1:00 AM
Unknown Object (File)
Wed, Jan 14, 7:54 AM
Unknown Object (File)
Dec 31 2025, 4:38 PM
Unknown Object (File)
Dec 29 2025, 4:23 PM
Unknown Object (File)
Dec 28 2025, 7:24 AM
Unknown Object (File)
Dec 28 2025, 1:44 AM
Unknown Object (File)
Dec 27 2025, 11:49 PM
Unknown Object (File)
Dec 19 2025, 12:42 AM
View All 18 Files
Subscribers
imp

Details

Reviewers
markj
Group Reviewers
network
Commits
rGf119719571b8: lio: Avoid out-of-bounds read or write MAC address
rGe8de565f6bb8: lio: Avoid out-of-bounds read or write MAC address
rGc162d7febbc8: lio: Avoid out-of-bounds read or write MAC address
rG094626d3a500: lio: Avoid out-of-bounds read or write MAC address
Summary

MFC after: 1 week

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

zlei created this revision.Dec 11 2025, 4:24 PM
Herald added a subscriber: imp. · View Herald TranscriptDec 11 2025, 4:24 PM
zlei requested review of this revision.Dec 11 2025, 4:24 PM
markj accepted this revision as: markj.Dec 14 2025, 5:15 PM

Good find.

sys/dev/liquidio/lio_main.c
1375–1376

Change 6 to ETHER_ADDR_LEN too?

This revision is now accepted and ready to land.Dec 14 2025, 5:15 PM
zlei added inline comments.Dec 15 2025, 9:36 AM
sys/dev/liquidio/lio_main.c
1375–1376

Actually this loop copying can be shortened by memcpy(). I'll update for better readability.

zlei updated this revision to Diff 168066.Dec 15 2025, 3:32 PM

Replaced loop copying with memcpy() for better readability.

This revision now requires review to proceed.Dec 15 2025, 3:32 PM
markj accepted this revision as: markj.Dec 15 2025, 9:26 PM
This revision is now accepted and ready to land.Dec 15 2025, 9:26 PM
Closed by commit rG094626d3a500: lio: Avoid out-of-bounds read or write MAC address (authored by zlei). · Explain WhyDec 16 2025, 4:42 AM
This revision was automatically updated to reflect the committed changes.
zlei added a commit: rG094626d3a500: lio: Avoid out-of-bounds read or write MAC address.
zlei added a comment.Dec 17 2025, 6:18 PM
In D54177#1238745, @markj wrote:

Good find.

Forgot to mention that I found this while hacking on a multicast filter bug related to qlnxe https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290973 . The driver qlnxe read multicast ethernet address with a length ETHER_HDR_LEN which is unnecessary long.

zlei added a commit: rGc162d7febbc8: lio: Avoid out-of-bounds read or write MAC address.Sat, Jan 31, 5:05 PM
zlei added a commit: rGe8de565f6bb8: lio: Avoid out-of-bounds read or write MAC address.Sat, Jan 31, 6:31 PM
zlei added a commit: rGf119719571b8: lio: Avoid out-of-bounds read or write MAC address.Sat, Jan 31, 6:44 PM

Revision Contents
Changeset List

PathSize
sys/
dev/
liquidio/
4 lines
10 lines

Diff 168163

View Options

sys/dev/liquidio/lio_ioctl.c

Loading...
View Options

sys/dev/liquidio/lio_main.c

Loading...