[Bug 206581] bxe_ioctl_nvram handler is faulty

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun Jan 24 16:37:28 UTC 2016


--- Comment #1 from CTurt <ecturt at gmail.com> ---
Sorry, forgot about the check:

    if (len > sizeof(struct bxe_nvram_data)) {

So, the example I suggested wouldn't work.

But the lack of `copyin` being checked, is still valid. And there probably
should be some bound checks anyway.

You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list