[PATCH] evh_bytechan: fix out of bounds accesses
Timur Tabi
timur at kernel.org
Tue Jan 14 12:10:11 AEDT 2020
On 1/13/20 2:25 PM, Stephen Rothwell wrote:
> The problem is not really the declaration, the problem is that
> ev_byte_channel_send always accesses 16 bytes from the buffer and it is
> not always passed a buffer that long (in one case it is passed a
> pointer to a single byte). So the alternative to the memcpy approach I
> have take is to complicate ev_byte_channel_send so that only accesses
> count bytes from the buffer.
Ah, I see now. This is all coming back to me.
I would prefer that ev_byte_channel_send() is updated to access only
'count' bytes. If that means adding a memcpy to the
ev_byte_channel_send() itself, then so be it. Trying to figure out how
to stuff n bytes into 4 32-bit registers is probably not worth the effort.
More information about the Linuxppc-dev
mailing list