Hi List,
Don't have much experience and knowledge in that area.
Found this:
Checked out a few drivers' code and wondered if anybody did a variant analysis of this (possibly yes?). However, it seems like the kernel driver code for gl620a.c and lg-vl600.c (quick search) doesn't "Make sure that the bounds of the metadata array are inside the SKB (and in front of the counter at the end)."
Example from gl620a.c
I think there is no check for:
	/* Make sure that the bounds of the metadata array are inside the SKB
	 * (and in front of the counter at the end).
	 */
	if (pkt_cnt * 2 + hdr_off > skb->len)
		return 0;
Most likely false positive. Would be great to verify this and learn about it.
Thanks,
Marcin
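
A user-space sketch of the check quoted in the message above, added here as an illustration; it is not code from the post or from any kernel driver. The trailer layout, the function name `metadata_in_bounds` and the sample buffers are assumptions constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout, constructed for this example (not from the page):
 *   [payload][metadata array][4-byte little-endian trailer]
 * trailer low 16 bits = pkt_cnt, high 16 bits = hdr_off.
 * The array starts at hdr_off and spans pkt_cnt * 2 bytes, as in the
 * quoted check.
 */

/* Returns 1 when the metadata array lies inside the buffer and in front
 * of the trailer, 0 otherwise (the caller should drop the buffer).
 */
int metadata_in_bounds(const uint8_t *data, size_t total_len)
{
    size_t len;
    uint32_t pkt_cnt, hdr_off;

    if (total_len < 4)              /* no room for the trailer itself */
        return 0;
    len = total_len - 4;            /* bytes in front of the trailer */

    /* Device-controlled values: never trust them before validation. */
    pkt_cnt = data[len] | ((uint32_t)data[len + 1] << 8);
    hdr_off = data[len + 2] | ((uint32_t)data[len + 3] << 8);

    /* Same condition as the quoted check, with len playing skb->len. */
    if ((size_t)pkt_cnt * 2 + hdr_off > len)
        return 0;
    return 1;
}

/* Constructed samples: 8 payload bytes, 4 metadata bytes, trailer. */
const uint8_t sample_ok[16]      = { [12] = 2,    0,    8, 0 };
const uint8_t sample_bad_off[16] = { [12] = 2,    0,   10, 0 };
const uint8_t sample_bad_cnt[16] = { [12] = 0xff, 0xff, 0, 0 };

int main(void)
{
    printf("ok=%d bad_off=%d bad_cnt=%d\n",
           metadata_in_bounds(sample_ok, sizeof sample_ok),
           metadata_in_bounds(sample_bad_off, sizeof sample_bad_off),
           metadata_in_bounds(sample_bad_cnt, sizeof sample_bad_cnt));
    return 0;
}
```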