octeontx2-af: Fix possible buffer overflow (f8e2ec79) · Commits · Mirrors / git.yoctoproject.org / linux-yocto

Commit f8e2ec79 authored Nov 25, 2023 by

Elena Salomatkina Committed by Greg Kroah-Hartman Dec 08, 2023

octeontx2-af: Fix possible buffer overflow



[ Upstream commit ad31c629 ]

A loop in rvu_mbox_handler_nix_bandprof_free() contains
a break if (idx == MAX_BANDPROF_PER_PFFUNC),
but if idx may reach MAX_BANDPROF_PER_PFFUNC
buffer '(*req->prof_idx)[layer]' overflow happens before that check.

The patch moves the break to the
beginning of the loop.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: e8e095b3 ("octeontx2-af: cn10k: Bandwidth profiles config support").
Signed-off-by: Elena Salomatkina <elena.salomatkina.cmc@gmail.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Reviewed-by: Subbaraya Sundeep <sbhatta@marvell.com>
Link: https://lore.kernel.org/r/20231124210802.109763-1-elena.salomatkina.cmc@gmail.com


Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent 20bb3a96

Hide whitespace changes

Inline Side-by-side

Please register or to comment