[v2 PATCH] lib/mpi: Fix buffer overrun when SG is too long
Herbert Xu
herbert at gondor.apana.org.au
Fri Dec 23 06:25:16 UTC 2022
On Wed, Dec 21, 2022 at 12:53:29PM -0800, Eric Biggers wrote:
>
> That's fine, I guess. One quirk of the above approach is that if the last
> needed element of the scatterlist has a lot of extra pages, this will iterate
> through all those extra pages, processing 0 bytes from each. It could just stop
> when done. I suppose it's not worth worrying about that case, though.
Ideally this should be handled in the sg_miter interface, IOW,
it should allow us to cap the SG list at a certain number of bytes
as opposed to a certain number of entries.
Cheers,
--
Email: Herbert Xu <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Linux-security-module-archive
mailing list