Re: [PATCH] net: ipv6: fix slab-out-of-bounds Read in __xfrm6_tunnel_spi_check

From: David Miller
Date: Tue Jul 28 2020 - 20:33:46 EST


From: B K Karthik <bkkarthik@xxxxxxxxxxxx>
Date: Sat, 25 Jul 2020 19:00:31 +0530

> use spi_byaddr instead of spi_byspi
...
> diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c
> index 25b7ebda2fab..cab7693ccfe3 100644
> --- a/net/ipv6/xfrm6_tunnel.c
> +++ b/net/ipv6/xfrm6_tunnel.c
> @@ -103,10 +103,10 @@ static int __xfrm6_tunnel_spi_check(struct net *net, u32 spi)
> {
> struct xfrm6_tunnel_net *xfrm6_tn = xfrm6_tunnel_pernet(net);
> struct xfrm6_tunnel_spi *x6spi;
> - int index = xfrm6_tunnel_spi_hash_byspi(spi);
> + int index = xfrm6_tunnel_spi_hash_byaddr(spi);
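
Review bot: On the `+` line, `spi` is the `u32` parameter from the signature shown in the hunk header, yet it is now handed to `xfrm6_tunnel_spi_hash_byaddr()`, a helper that by its name hashes an address rather than an SPI value. Nothing in the visible part of this function provides an address to pass, so the bucket index should keep using `xfrm6_tunnel_spi_hash_byspi(spi)`. The commit message "use spi_byaddr instead of spi_byspi" also does not say where the out-of-bounds read occurs or why a different hash would prevent it. Please put that analysis in the changelog and build-test the result before resending.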

You are passing a u32 integer into a function that expects a pointer as an
argument.

This change isn't even compile tested properly, let alone run tested.

Please stop making such careless submissions, this takes up valuable
developer patch review resources.

Thank you.