]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 91e21df) | patch
be2net: Fix buffer overflow in be_get_module_eeprom
authorHristo Venev <hristo@venev.name>
Sat, 16 Jul 2022 08:51:34 +0000 (11:51 +0300)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 29 Jul 2022 15:05:46 +0000 (17:05 +0200)
commita5a8fc0679a8fd58d47aa2ebcfc5742631f753f9
tree9a5e79044fd08e7129a8bd599e69c44f12b5a9b0tree | snapshot
parent91e21df688f8a75255ca9c459da39ac96300113acommit | diff
be2net: Fix buffer overflow in be_get_module_eeprom

[ Upstream commit d7241f679a59cfe27f92cb5c6272cb429fb1f7ec ]

be_cmd_read_port_transceiver_data assumes that it is given a buffer that
is at least PAGE_DATA_LEN long, or twice that if the module supports SFF
8472. However, this is not always the case.

Fix this by passing the desired offset and length to
be_cmd_read_port_transceiver_data so that we only copy the bytes once.

Fixes: e36edd9d26cf ("be2net: add ethtool "-m" option support")
Signed-off-by: Hristo Venev <hristo@venev.name>
Link: https://lore.kernel.org/r/20220716085134.6095-1-hristo@venev.name
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/net/ethernet/emulex/benet/be_cmds.c diff | blob | blame | history
drivers/net/ethernet/emulex/benet/be_cmds.h diff | blob | blame | history
drivers/net/ethernet/emulex/benet/be_ethtool.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git