* [iproute PATCH] macsec: fix input range of 'icvlen' parameter
@ 2016-09-09 14:02 Davide Caratti
2016-09-09 14:15 ` Phil Sutter
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Davide Caratti @ 2016-09-09 14:02 UTC (permalink / raw)
To: netdev; +Cc: Sabrina Dubroca, Phil Sutter, Stephen Hemminger
the maximum possible ICV length in a MACsec frame is 16 octects, not 32:
fix get_icvlen() accordingly, so that a proper error message is displayed
in case input 'icvlen' is greater than 16.
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
---
ip/ipmacsec.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ip/ipmacsec.c b/ip/ipmacsec.c
index 2e670e9..127fa1e 100644
--- a/ip/ipmacsec.c
+++ b/ip/ipmacsec.c
@@ -152,9 +152,9 @@ static void get_icvlen(__u8 *icvlen, char *arg)
if (ret)
invarg("expected ICV length", arg);
- if (*icvlen < MACSEC_MIN_ICV_LEN || *icvlen > MACSEC_MAX_ICV_LEN)
+ if (*icvlen < MACSEC_MIN_ICV_LEN || *icvlen > MACSEC_STD_ICV_LEN)
invarg("ICV length must be in the range {"
- STR(MACSEC_MIN_ICV_LEN) ".." STR(MACSEC_MAX_ICV_LEN)
+ STR(MACSEC_MIN_ICV_LEN) ".." STR(MACSEC_STD_ICV_LEN)
"}", arg);
}
--
2.5.5
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [iproute PATCH] macsec: fix input range of 'icvlen' parameter
2016-09-09 14:02 [iproute PATCH] macsec: fix input range of 'icvlen' parameter Davide Caratti
@ 2016-09-09 14:15 ` Phil Sutter
2016-09-09 15:53 ` Sabrina Dubroca
2016-09-20 16:49 ` Stephen Hemminger
2 siblings, 0 replies; 4+ messages in thread
From: Phil Sutter @ 2016-09-09 14:15 UTC (permalink / raw)
To: Davide Caratti; +Cc: netdev, Sabrina Dubroca, Stephen Hemminger
On Fri, Sep 09, 2016 at 04:02:22PM +0200, Davide Caratti wrote:
> the maximum possible ICV length in a MACsec frame is 16 octects, not 32:
> fix get_icvlen() accordingly, so that a proper error message is displayed
> in case input 'icvlen' is greater than 16.
>
> Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Acked-by: Phil Sutter <phil@nwl.cc>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [iproute PATCH] macsec: fix input range of 'icvlen' parameter
2016-09-09 14:02 [iproute PATCH] macsec: fix input range of 'icvlen' parameter Davide Caratti
2016-09-09 14:15 ` Phil Sutter
@ 2016-09-09 15:53 ` Sabrina Dubroca
2016-09-20 16:49 ` Stephen Hemminger
2 siblings, 0 replies; 4+ messages in thread
From: Sabrina Dubroca @ 2016-09-09 15:53 UTC (permalink / raw)
To: Davide Caratti; +Cc: netdev, Phil Sutter, Stephen Hemminger
2016-09-09, 16:02:22 +0200, Davide Caratti wrote:
> the maximum possible ICV length in a MACsec frame is 16 octects, not 32:
> fix get_icvlen() accordingly, so that a proper error message is displayed
> in case input 'icvlen' is greater than 16.
>
> Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Acked-by: Sabrina Dubroca <sd@queasysnail.net>
--
Sabrina
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [iproute PATCH] macsec: fix input range of 'icvlen' parameter
2016-09-09 14:02 [iproute PATCH] macsec: fix input range of 'icvlen' parameter Davide Caratti
2016-09-09 14:15 ` Phil Sutter
2016-09-09 15:53 ` Sabrina Dubroca
@ 2016-09-20 16:49 ` Stephen Hemminger
2 siblings, 0 replies; 4+ messages in thread
From: Stephen Hemminger @ 2016-09-20 16:49 UTC (permalink / raw)
To: Davide Caratti; +Cc: netdev, Sabrina Dubroca, Phil Sutter
On Fri, 9 Sep 2016 16:02:22 +0200
Davide Caratti <dcaratti@redhat.com> wrote:
> the maximum possible ICV length in a MACsec frame is 16 octects, not 32:
> fix get_icvlen() accordingly, so that a proper error message is displayed
> in case input 'icvlen' is greater than 16.
>
> Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Applied
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-09-20 16:48 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-09-09 14:02 [iproute PATCH] macsec: fix input range of 'icvlen' parameter Davide Caratti
2016-09-09 14:15 ` Phil Sutter
2016-09-09 15:53 ` Sabrina Dubroca
2016-09-20 16:49 ` Stephen Hemminger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).