Page MenuHomeFreeBSD

lio: Avoid out-of-bounds read or write MAC address
ClosedPublic

Authored by zlei on Dec 11 2025, 4:24 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Jul 17, 9:37 PM
Unknown Object (File)
Thu, Jul 16, 10:22 AM
Unknown Object (File)
Wed, Jul 15, 6:58 AM
Unknown Object (File)
Wed, Jul 15, 6:58 AM
Unknown Object (File)
Mon, Jul 13, 7:22 AM
Unknown Object (File)
Sun, Jul 12, 11:59 PM
Unknown Object (File)
Tue, Jul 7, 8:24 AM
Unknown Object (File)
Sun, Jul 5, 6:09 AM
Subscribers

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

zlei requested review of this revision.Dec 11 2025, 4:24 PM

Good find.

sys/dev/liquidio/lio_main.c
1375–1376

Change 6 to ETHER_ADDR_LEN too?

This revision is now accepted and ready to land.Dec 14 2025, 5:15 PM
sys/dev/liquidio/lio_main.c
1375–1376

Actually this loop copying can be shortened by memcpy(). I'll update for better readability.

Replaced loop copying with memcpy() for better readability.

This revision now requires review to proceed.Dec 15 2025, 3:32 PM
This revision is now accepted and ready to land.Dec 15 2025, 9:26 PM

Good find.

Forgot to mention that I found this while hacking on a multicast filter bug related to qlnxe https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290973 . The driver qlnxe read multicast ethernet address with a length ETHER_HDR_LEN which is unnecessary long.