[PATCH v2][next] octeontx2-pf: Fix out-of-bounds read warning in otx2_get_fecparam()
From: Gustavo A. R. Silva
Date: Fri Feb 12 2021 - 10:07:46 EST
Line at 967 implies that rsp->fwdata.supported_fec may be up to 4:
if (rsp->fwdata.supported_fec <= FEC_MAX_INDEX)
which would cause an out-of-bounds read at line 971:
fecparam->fec = fec[rsp->fwdata.supported_fec];
However, the range of values for rsp->fwdata.supported_fec is
0 to 3. Fix the if condition at line 967, accordingly.
Link: https://lore.kernel.org/lkml/MWHPR18MB142173B5F0541ABD3D59860CDE8B9@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
Fixes: d0cf9503e908 ("octeontx2-pf: ethtool fec mode support")
Addresses-Coverity-ID: 1501722 ("Out-of-bounds read")
Suggested-by: Hariprasad Kelam <hkelam@xxxxxxxxxxx>
Signed-off-by: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>
---
Changes in v2:
- Fix if condition.
drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c b/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
index 237e5d3321d4..f4962a97a075 100644
--- a/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
+++ b/drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c
@@ -964,7 +964,7 @@ static int otx2_get_fecparam(struct net_device *netdev,
if (IS_ERR(rsp))
return PTR_ERR(rsp);
- if (rsp->fwdata.supported_fec <= FEC_MAX_INDEX) {
+ if (rsp->fwdata.supported_fec < FEC_MAX_INDEX) {
if (!rsp->fwdata.supported_fec)
fecparam->fec = ETHTOOL_FEC_NONE;
else
--
2.27.0