From nobody Tue Dec 12 00:30:13 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SpzzB0xn5z54JFW; Tue, 12 Dec 2023 00:30:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SpzzB0LyFz3Nq9; Tue, 12 Dec 2023 00:30:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1702341014; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WLX4RZKMep36kOcfKsBenCgzPd/jq+/MwjK2He3kT1c=; b=PK6EjAky7qM3Wx3zP3lC99QX5hx3turLzLzqF0ytp/JHPgyGEB5qDDZhFtz7BI1dwoNjbF 0R0I2Do311yquQ+KVKtwhe3toU36Pn2ZzxsObYD/QpPS2tq+lrfJ6vDgNRVgGVqQvcYqh+ mfkhkNfUkV+RETqoJE8is1WXHoHu+r5CrX/zyJb3cnY6hC6XA2/YnXmwRZf5mfv7KkiepE vf7/s4BlCYb+yJqH33cSGzfZ5Lz1LrSiizSDKUW+yXche8behEBl3vPuYEB36OorDqOKFh UKbWAC+C9epIwxPKB40znUOs4ogwIhC/6Y01ctvZdpMtdYfboL8r3HqkRWt1JQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702341014; a=rsa-sha256; cv=none; b=M6Nw4mHrp+FhtgAA1bQrNkYtOwYTAgKxntmvgjtzaQDH5fVfINdjYG2oN4v0jhYS2Wy09E wbR2OhAz5L5Y0IsB1PnjV9Ek6q+ewBOGZ15y4J1E3oLlgalMzcqj29loL29YGv7v9vNdQz y+VxBSU+Z5Q3rFjTqgJD6w+V4C/g66APlOCW7P4J4P/URut5u9drjHl6UHThooqeRjphBr YFnyWISFo03NibrgZ5N3PD62QzlZxgmZ9/ZSuSmVNjmnXJIvNUF98B6NyJFjby54WpwJYN ZMoyzKY+T7kI1+KFgTJY7aa7S6Lf+jDxx9NSAV4zQhckDL8+6iKXzlL4y9aCRg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1702341014; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WLX4RZKMep36kOcfKsBenCgzPd/jq+/MwjK2He3kT1c=; b=xb0vhljWiTacTvKoLw6BB2GxkaUAu/NBTqXXPFrsqKzpV8LMHcJfwidK904gJgZHa/w1hO fWAaN/LaAVZfGLdyreVEQmS/UjHnldKm4PGtGJ8lLBelyEXVhIY93SUt6XieADf7j1xYnW J+PW0kP7SxyuKJYuqwyFEy5xVyVuDGDYH4UR2yV3L3n3b9mpW60lNDNd4Vrs9xHBId+0x5 +V4eCFlF2eQjhY8Ynm7bAWQEnW4FIY8TcQ8fVNkvEL+Nhp8XA/e4ddC+QfAGuJTtARyLBE nv4sqjJ0GzuyJaFmKL7T+HMtlkl1+g/Gad+2U3DmobC0Qo9tUZV5dlcEgf/yqA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Spzz96PrszspM; Tue, 12 Dec 2023 00:30:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BC0UDTE000295; Tue, 12 Dec 2023 00:30:13 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BC0UDaW000290; Tue, 12 Dec 2023 00:30:13 GMT (envelope-from git) Date: Tue, 12 Dec 2023 00:30:13 GMT Message-Id: <202312120030.3BC0UDaW000290@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: d264ddb9c7f8 - stable/14 - bhnd: Correct the softc size in the siba_bhndb_driver definition List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: d264ddb9c7f8739be22170ec660110a0f4c2ec8f Auto-Submitted: auto-generated The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=d264ddb9c7f8739be22170ec660110a0f4c2ec8f commit d264ddb9c7f8739be22170ec660110a0f4c2ec8f Author: Mark Johnston AuthorDate: 2023-12-05 18:47:03 +0000 Commit: Mark Johnston CommitDate: 2023-12-12 00:30:05 +0000 bhnd: Correct the softc size in the siba_bhndb_driver definition struct siba_bhndb_softc embeds struct siba_softc and adds an extra field, "quirks". In practice, this bug was harmless since "quirks" is unconditionally initialized during driver attach and would have lived in the redzone of the softc allocation, but KASAN catches the out-of-bounds access. PR: 275515 Reported by: Frank Hilgendorf MFC after: 1 week (cherry picked from commit 4c3aa00c0a0093c78f42d138bb9eef9b1a7cbb39) --- sys/dev/bhnd/siba/siba_bhndb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/dev/bhnd/siba/siba_bhndb.c b/sys/dev/bhnd/siba/siba_bhndb.c index b806f9535e73..59243be18938 100644 --- a/sys/dev/bhnd/siba/siba_bhndb.c +++ b/sys/dev/bhnd/siba/siba_bhndb.c @@ -286,7 +286,7 @@ static device_method_t siba_bhndb_methods[] = { }; DEFINE_CLASS_2(bhnd, siba_bhndb_driver, siba_bhndb_methods, - sizeof(struct siba_softc), bhnd_bhndb_driver, siba_driver); + sizeof(struct siba_bhndb_softc), bhnd_bhndb_driver, siba_driver); DRIVER_MODULE(siba_bhndb, bhndb, siba_bhndb_driver, NULL, NULL);