Re: [PATCH] crypto: zip - Memory corruption in zip_clear_stats()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Mar 18, 2017 at 11:24:34AM +0100, walter harms wrote:
> 
> 
> Am 17.03.2017 21:46, schrieb Dan Carpenter:
> > There is a typo here.  It should be "stats" instead of "state".  The
> > impact is that we clear 224 bytes instead of 80 and we zero out memory
> > that we shouldn't.
> > 
> > Fixes: 09ae5d37e093 ("crypto: zip - Add Compression/Decompression statistics")
> > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> > 
> > diff --git a/drivers/crypto/cavium/zip/zip_main.c b/drivers/crypto/cavium/zip/zip_main.c
> > index 0951e20b395b..6ff13d80d82e 100644
> > --- a/drivers/crypto/cavium/zip/zip_main.c
> > +++ b/drivers/crypto/cavium/zip/zip_main.c
> > @@ -530,7 +530,7 @@ static int zip_clear_stats(struct seq_file *s, void *unused)
> >  	for (index = 0; index < MAX_ZIP_DEVICES; index++) {
> >  		if (zip_dev[index]) {
> >  			memset(&zip_dev[index]->stats, 0,
> > -			       sizeof(struct zip_state));
> > +			       sizeof(struct zip_stats));
> 
> 
> as future FIXME some show find a name that differ in more than just the last char.
> NTL maybe
>  sizeof(zip_dev[index]->stats)
> can be used here ?

That's sort of unweildy.  I don't fear that change because I'm confident
I would catch it with static analysis.

regards,
dan carpenter




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux