Kees Cook 1c200f832e net: qed: Fix memcpy() overflow of qed_dcbx_params() ... The source (&dcbx_info->operational.params) and dest (&p_hwfn->p_dcbx_info->set.config.params) are both struct qed_dcbx_params (560 bytes), not struct qed_dcbx_admin_params (564 bytes), which is used as the memcpy() size. However it seems that struct qed_dcbx_operational_params (dcbx_info->operational)'s layout matches struct qed_dcbx_admin_params (p_hwfn->p_dcbx_info->set.config)'s 4 byte difference (3 padding, 1 byte for "valid"). On the assumption that the size is wrong (rather than the source structure type), adjust the memcpy() size argument to be 4 bytes smaller and add a BUILD_BUG_ON() to validate any changes to the structure sizes. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: David S. Miller <davem@davemloft.net>		2021-06-17 12:14:51 -07:00
..
netxen	netxen_nic: Fix an error handling path in 'netxen_nic_probe()'	2021-06-14 12:17:01 -07:00
qed	net: qed: Fix memcpy() overflow of qed_dcbx_params()	2021-06-17 12:14:51 -07:00
qede	qede: Use 'skb_add_rx_frag()' instead of hand coding it	2021-04-05 11:59:33 -07:00
qlcnic	qlcnic: Fix an error handling path in 'qlcnic_probe()'	2021-06-14 12:16:07 -07:00
Kconfig	qed: select CONFIG_CRC32	2021-01-05 15:50:36 -08:00
Makefile	qlge: Move drivers/net/ethernet/qlogic/qlge/ to drivers/staging/qlge/	2019-07-23 11:29:40 -07:00
qla3xxx.c	net/qla3xxx: fix schedule while atomic in ql_sem_spinlock	2021-05-20 15:47:42 -07:00
qla3xxx.h	net/qla3xxx: Convert to SPDX license identifiers	2020-09-16 14:32:31 +02:00