Received: by 2002:ab2:6d45:0:b0:1fb:d597:ff75 with SMTP id d5csp348463lqr; Wed, 5 Jun 2024 07:53:14 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCX7kzpefrnFNpTeViIMTjmelZofS2Lzq18TIpAGdlz1z/wtMyqFxrJlWRGGSiyHhIzQI7Ru6tUYOUp4kwjcnSatorOaMPsRXPHrSEHRNg== X-Google-Smtp-Source: AGHT+IHovQwac4kUe+FI5jvZ7Fek/4hb9o+K/emDUtbK89cJ0Qqpn9TMZVsHhiXcZ6CRGBJXAolz X-Received: by 2002:a05:6e02:2186:b0:36d:ac95:73ba with SMTP id e9e14a558f8ab-374b1ee298amr31383745ab.7.1717599194583; Wed, 05 Jun 2024 07:53:14 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717599194; cv=pass; d=google.com; s=arc-20160816; b=fya4mq/R8u4GwKA4RNfnsnjnQ79hbMV/TtNqDb1ayedvv+I9MRckcBh1p9UcGL0GHp 0kGQIm9XAMPqNp2lxoJd7a4c6iYsz0jFhEmfy97bcKMlH4ud8IRs2qme6f+6EluYZMdY m8Z/5Z+YmbTrbAa9zZqBv/zLAJBc0J40IbzLlSvlIh3zQXrrpXRtKXY5bGvtDeLUks5v c8O+eBvbzzIkK5QjhCsxNfJZwB5HhpmFazpke/AbecsGCwKvsutmWycVzbjt7KrBJZhw QrU9tKCX++607vxbOIrioBLnTgP1F+drtBNxJ2pL5c7pBCRKwoVc4203zmB4OXutP8Yr sytw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:mail-followup-to :message-id:subject:cc:to:from:date; bh=L2AkBI7MR/jGoezM8IMEMb9I0k67vgoFkZlfdI51ElY=; fh=VYtENxiA7cpQlcPInhsQxUESGGbx//5z9D0PkjknzHU=; b=BZhZAqvQrZ12FcZp72/egA5yOWd38OIAMBZXZE9A/gCuv5CI+rzBVyf3rRknQfWK5X kAl/nKSowHtmkNCUzUuYQGNfgL6SF+ebl2JjZAI/UegHnNO/9i5CQyUN2QHtuLvzUSOb E3xNxtt6FUVHH3ujnBrGasq9p35bOoyAh/gbCIRH/h7b6CMqUDYUqrH2q3psuXIsUYYJ b0Ov66p6IYIS0ABAcNkZ8xxFjU+CcznWdMtbGy2JzEjGa9ThxwN0KjFhO/MbrjOdMxuy iekCtr58wEJVsF7dAo8zY93gxQHH9w6Ez1TvMGHmWsixeW/eS3nDOvU0xqKH1mZV4Kk8 MvOA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=gentoo.org dmarc=pass fromdomain=gentoo.org); spf=pass (google.com: domain of linux-wireless+bounces-8565-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-wireless+bounces-8565-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gentoo.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id 41be03b00d2f7-6c35b40c78esi80607a12.529.2024.06.05.07.53.14 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 05 Jun 2024 07:53:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-wireless+bounces-8565-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=gentoo.org dmarc=pass fromdomain=gentoo.org); spf=pass (google.com: domain of linux-wireless+bounces-8565-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-wireless+bounces-8565-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gentoo.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 16129283827 for ; Wed, 5 Jun 2024 14:53:02 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id AE22027701; Wed, 5 Jun 2024 14:52:59 +0000 (UTC) X-Original-To: linux-wireless@vger.kernel.org Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 49C3F25774; Wed, 5 Jun 2024 14:52:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=140.211.166.183 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717599179; cv=none; b=YuGkl7T5JZQqtgW9ZJXIcZy+yVVbplCK1rEoPSWnEUeimWL5rOD6cWHwoL/Wcb+EchK4/d4lMsy9WHd3W/bYehf1U64B+5U4fS7Yf1Y8ourBIZSDkQePiZT86xsojkUMlxr5k/3935tjmo7tLBSSSvhugGCjgDun+E10U/UtAcM= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717599179; c=relaxed/simple; bh=yRIHKxkExUCcCNbOOTqd0FldNUHY9LI103BRj3sfAFE=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=JypRuyRDDq5iw/rBC9dBvCOKffB+LBnvKwSB9N4+glqPswQLO2YL1PNcyRmNnHVxZP2+LcQLQIjqy1Jn5vJ9vdU/7c51sRERAilDdA5bSI8oay2O2vBMQrSEHy6d1Iqw9VC5cyXex8Wx5LtuGp7kEJuP1vIkRDcAvQRX2T/Uw2I= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gentoo.org; spf=pass smtp.mailfrom=gentoo.org; arc=none smtp.client-ip=140.211.166.183 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gentoo.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gentoo.org Date: Wed, 5 Jun 2024 10:52:53 -0400 From: Kenton Groombridge To: Johannes Berg Cc: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, Kees Cook Subject: Re: [PATCH v2] wifi: mac80211: Avoid address calculations via out of bounds array indexing Message-ID: Mail-Followup-To: Johannes Berg , davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, Kees Cook References: <20240517145420.8891-1-concord@gentoo.org> Precedence: bulk X-Mailing-List: linux-wireless@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="6uvcipftoi6mlx2a" Content-Disposition: inline In-Reply-To: --6uvcipftoi6mlx2a Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 24/06/04 09:29PM, Johannes Berg wrote: > Looking at your patch again, this seems wrong? >=20 > > + local->hw_scan_req->req.channels[*n_chans++] =3D > > req->channels[i]; > >=20 >=20 > This will increment n_chans rather than *n_chans, no? >=20 Ah ha! A silly mistake that I missed. V3 to follow soon. --=20 Kenton Groombridge Gentoo Linux Developer, SELinux Project --6uvcipftoi6mlx2a Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQKTBAABCgB9FiEEP+u3AkfbrORB/inCFt7v5V9Ft54FAmZge8BfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNG RUJCNzAyNDdEQkFDRTQ0MUZFMjlDMjE2REVFRkU1NUY0NUI3OUUACgkQFt7v5V9F t57bKhAAynN8R9v+lYN7ApnatMLAGRD244uYlzCDJPmBILAbfKcrg2vgm+qPJusl 4Cwkwho370rRdRtaDqsgC9eWwRGQpJ1UZ/aq55KAI0PPtphAdXx5MqEmX7Od1aUb m9Nj9LLEZhL+zdIkNIP3bDRomHDCBaywzJ/mZZg+r2Edr2PUEPYsNhBM2zemvQ08 s17K9eQooclY+fMxDGj08Em462cZ6vv5zHO4nEtTvThv+S1dPpCG9vFXreAnEckM sVzLDGLII97RlXIHgNKyIIN660fuIfc7O6si1W++KaDxd6j+x0NBovGwOkTPA5hM IDYLIt+1OG2MY4QlG32NQl3UvfsNtCjjraQcwyU5ZhT45r3W/eL6tD7JcBvLRb/4 OKmO+sSzTAiXZ5sXOdTkIWbiqZno6vkLOsLNnxAwofHUcj0JKv8lvIHGdaxxvqhN yMDmKye1XdDviSggWn2cAyiovXHrcvZYYQP5LPc72DYmtXtbrIRZEKp+HmOksWBN ncr5VCfbcBjqeTYCUwoWU8dLE5bHR4pMZCDHUtLYAordXEB2YHavhLNKyB+QZ1m+ s1ZyYZoz7mS6jKxphRaVrwLrQZaCn9hm9zbYx2LN6tfz3NCsV1AHoacoOUfLz/ah j1Av1LZFwOTw+pMmryTt/NI+kJvdGIp4yfEUSB8JCos3+m3zsJk= =6g5W -----END PGP SIGNATURE----- --6uvcipftoi6mlx2a--