Re: [PATCH][next] netdevsim: fix sa_idx out of bounds check

From: David Miller
Date: Mon Jul 02 2018 - 07:36:18 EST


From: Colin King <colin.king@xxxxxxxxxxxxx>
Date: Sat, 30 Jun 2018 21:39:24 +0100

> From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
>
> Currently if sa_idx is equal to NSIM_IPSEC_MAX_SA_COUNT then
> an out-of-bounds read on ipsec->sa will occur. Fix the
> incorrect bounds check by using >= rather than >.
>
> Detected by CoverityScan, CID#1470226 ("Out-of-bounds-read")
>
> Fixes: 7699353da875 ("netdevsim: add ipsec offload testing")
> Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>

Applied, thank you.