bnxt: Do not read past the end of test names - linux

diff options

author	Kees Cook <keescook@chromium.org>	2023-01-18 21:35:01 +0100
committer	David S. Miller <davem@davemloft.net>	2023-01-20 13:52:29 +0100
commit	d3e599c090fc6977331150c5f0a69ab8ce87da21 (patch)
tree	1db25e15bbee6e4096513d4a9b711bf629594905 /net
parent	net: stmmac: enable all safety features by default (diff)
download	linux-d3e599c090fc6977331150c5f0a69ab8ce87da21.tar.xz linux-d3e599c090fc6977331150c5f0a69ab8ce87da21.zip

bnxt: Do not read past the end of test names

Test names were being concatenated based on a offset beyond the end of the first name, which tripped the buffer overflow detection logic: detected buffer overflow in strnlen [...] Call Trace: bnxt_ethtool_init.cold+0x18/0x18 Refactor struct hwrm_selftest_qlist_output to use an actual array, and adjust the concatenation to use snprintf() rather than a series of strncat() calls. Reported-by: Niklas Cassel <Niklas.Cassel@wdc.com> Link: https://lore.kernel.org/lkml/Y8F%2F1w1AZTvLglFX@x1-carbon/ Tested-by: Niklas Cassel <Niklas.Cassel@wdc.com> Fixes: eb51365846bc ("bnxt_en: Add basic ethtool -t selftest support.") Cc: Michael Chan <michael.chan@broadcom.com> Cc: "David S. Miller" <davem@davemloft.net> Cc: Eric Dumazet <edumazet@google.com> Cc: Jakub Kicinski <kuba@kernel.org> Cc: Paolo Abeni <pabeni@redhat.com> Cc: netdev@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Michael Chan <michael.chan@broadcom.com> Reviewed-by: Niklas Cassel <niklas.cassel@wdc.com> Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to '')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: