Re: Re: [PATCH 1/2] cmd64x: potential buffer overflow in cmd64x_program_timings()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On 1/20/20 2:40 PM, David Miller wrote:
> From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> Date: Tue, 7 Jan 2020 16:04:41 +0300
> 
>> The "drive->dn" value is a u8 and it is controlled by root only, but
>> it could be out of bounds here so let's check.

drive->dn should not be root controllable, please point me where it
happens as this may need fixing instead of cmd64x driver.

[ IDE core makes sure that drive->dn is never > 3 and a lot of code
  assumes it. ]

>> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> 
> Applied. 
Best regards,
--
Bartlomiej Zolnierkiewicz
Samsung R&D Institute Poland
Samsung Electronics



[Index of Archives]     [Linux Filesystems]     [Linux SCSI]     [Linux RAID]     [Git]     [Kernel Newbies]     [Linux Newbie]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Samba]     [Device Mapper]

  Powered by Linux