iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nvme-auth: fix off by one checks

Browse Source 
The > ARRAY_SIZE() checks need to be >= ARRAY_SIZE() to prevent reading
one element beyond the end of the arrays.

Fixes: db1312dd95 ("nvmet: implement basic In-Band Authentication")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
This commit is contained in:
Dan Carpenter 2022-07-18 14:09:32 +03:00 committed by Jens Axboe
parent a25d426158
commit 4daf7fa07e
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
drivers/nvme/common/auth.c
View File

@ -55,7 +55,7 @@ static struct nvme_auth_dhgroup_map {
const char *nvme_auth_dhgroup_name(u8 dhgroup_id)
{
if (dhgroup_id > ARRAY_SIZE(dhgroup_map))
if (dhgroup_id >= ARRAY_SIZE(dhgroup_map))
return NULL;
return dhgroup_map[dhgroup_id].name;
}
@ -63,7 +63,7 @@ EXPORT_SYMBOL_GPL(nvme_auth_dhgroup_name);
const char *nvme_auth_dhgroup_kpp(u8 dhgroup_id)
{
if (dhgroup_id > ARRAY_SIZE(dhgroup_map))
if (dhgroup_id >= ARRAY_SIZE(dhgroup_map))
return NULL;
return dhgroup_map[dhgroup_id].kpp;
}
@ -110,7 +110,7 @@ static struct nvme_dhchap_hash_map {
const char *nvme_auth_hmac_name(u8 hmac_id)
{
if (hmac_id > ARRAY_SIZE(hash_map))
if (hmac_id >= ARRAY_SIZE(hash_map))
return NULL;
return hash_map[hmac_id].hmac;
}
@ -118,7 +118,7 @@ EXPORT_SYMBOL_GPL(nvme_auth_hmac_name);
const char *nvme_auth_digest_name(u8 hmac_id)
{
if (hmac_id > ARRAY_SIZE(hash_map))
if (hmac_id >= ARRAY_SIZE(hash_map))
return NULL;
return hash_map[hmac_id].digest;
}
@ -144,7 +144,7 @@ EXPORT_SYMBOL_GPL(nvme_auth_hmac_id);
size_t nvme_auth_hmac_hash_len(u8 hmac_id)
{
if (hmac_id > ARRAY_SIZE(hash_map))
if (hmac_id >= ARRAY_SIZE(hash_map))
return 0;
return hash_map[hmac_id].len;
}