[CHECKER] 16 more potential buffer overruns in 2.5.48

From: Steven French (sfrench@us.ibm.com)
Date: Wed Nov 20 2002 - 11:56:12 EST


Andy,

In the four fs/cifs/smbdes.c (which is based on a similar password hash in
Samba) hits from your tool the code is a little strange looking but does
not have a buffer overrun. Apparently the tool is not checking the maximum
size of the index since although the s_box array is only 256 bytes in size,
the array index is an unsigned char and can not go beyond 255 and overrun
the array. As long as unsigned char can never go above 255 the code should
work. It might have be more readable if it were defined as a __u8
instead of an unsigned char.

Thanks.

Steve French
Senior Software Engineer
Linux Technology Center - IBM Austin
phone: 512-838-2294
email: sfrench@us.ibm.com

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sat Nov 23 2002 - 22:00:32 EST