From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Miller Subject: Re: [PATCH][next] netdevsim: fix sa_idx out of bounds check Date: Mon, 02 Jul 2018 20:36:11 +0900 (KST) Message-ID: <20180702.203611.801501021039255132.davem@davemloft.net> References: <20180630203924.5121-1-colin.king@canonical.com> Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: jakub.kicinski@netronome.com, netdev@vger.kernel.org, kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org To: colin.king@canonical.com Return-path: In-Reply-To: <20180630203924.5121-1-colin.king@canonical.com> Sender: linux-kernel-owner@vger.kernel.org List-Id: netdev.vger.kernel.org From: Colin King Date: Sat, 30 Jun 2018 21:39:24 +0100 > From: Colin Ian King > > Currently if sa_idx is equal to NSIM_IPSEC_MAX_SA_COUNT then > an out-of-bounds read on ipsec->sa will occur. Fix the > incorrect bounds check by using >= rather than >. > > Detected by CoverityScan, CID#1470226 ("Out-of-bounds-read") > > Fixes: 7699353da875 ("netdevsim: add ipsec offload testing") > Signed-off-by: Colin Ian King Applied, thank you.