Re: [PATCH] iwlwifi: out-of-bounds access in iwl_init_sband_channels

From: Adrien Schildknecht
Date: Fri Aug 14 2015 - 03:04:28 EST


> On 08/14/2015 03:36 AM, Adrien Schildknecht wrote:
> > Both loops of this function compare data from the 'chan' array and
> > then check if the index is valid.
> >
> > The 2 conditions should be inverted to avoid an out-of-bounds
> > access.
> >
> Was that found by a static analyzer or any other automated tool, or
> was that the result of your very careful review?

The error has been reported by KASan:
BUG: KASan: out of bounds access in iwl_init_sband_channels+0x207/0x260 [iwlwifi] at addr ffff8800c2d0aac8
Read of size 4 by task modprobe/329

Adrien Schildknecht
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at