[Bug 206581] bxe_ioctl_nvram handler is faulty
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Jan 24 16:37:28 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206581
--- Comment #1 from CTurt <ecturt at gmail.com> ---
Sorry, forgot about the check:
if (len > sizeof(struct bxe_nvram_data)) {
So, the example I suggested wouldn't work.
But the lack of `copyin` being checked, is still valid. And there probably
should be some bound checks anyway.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list