Re: [PATCH] hostap_plx: fix CIS verification

2006-10-24 Thread Jouni Malinen
On Tue, Oct 24, 2006 at 10:12:24PM -0400, Pavel Roskin wrote:
> Coverity has no means to interpret CIS. However, it may understand
> kmalloc, which allocates CIS_MAX_LEN for the CIS copy.
>
> The value of cis[pos + 1] has no bearing on the validity of the access
> to cis[pos + 5] from the point

Re: [PATCH] hostap_plx: fix CIS verification

2006-10-24 Thread Pavel Roskin
Hello, Jouni!

On Fri, 2006-10-20 at 18:19 -0700, Jouni Malinen wrote:
> On Fri, Oct 20, 2006 at 06:20:15PM -0400, Pavel Roskin wrote:
>
> > The record length for numerical manufacturer ID should be at least 4
> > bytes (two 16-bit words). The code required 5 bytes, which would break
> > for mos

Re: [PATCH] hostap_plx: fix CIS verification

2006-10-24 Thread Jouni Malinen
On Tue, Oct 24, 2006 at 08:48:09PM -0400, Pavel Roskin wrote:
> I don't have Coverity to check, and I think the results of Coverity were
> misinterpreted. It doesn't know anything about CIS structure. Anyway,
> let me just check Jouni's suggestion on a real PLX card.

It doesn't need to know any

Re: [PATCH] hostap_plx: fix CIS verification

2006-10-24 Thread Pavel Roskin
On Tue, 2006-10-24 at 20:37 -0400, John W. Linville wrote:
> Will you be refactoring this patch? Or do you disagree with Jouni's
> assessment?

OK, give me an hour to produce a better patch. My patch has an advantage of being simple and of fixing exactly one thing, but if Jouni feels more comfort

Re: [PATCH] hostap_plx: fix CIS verification

2006-10-24 Thread John W. Linville
On Fri, Oct 20, 2006 at 06:19:43PM -0700, Jouni Malinen wrote:
> On Fri, Oct 20, 2006 at 06:20:15PM -0400, Pavel Roskin wrote:
>
> > The record length for numerical manufacturer ID should be at least 4
> > bytes (two 16-bit words). The code required 5 bytes, which would break
> > for most (if not

Re: [PATCH] hostap_plx: fix CIS verification

2006-10-20 Thread Jouni Malinen
On Fri, Oct 20, 2006 at 06:20:15PM -0400, Pavel Roskin wrote:
> The record length for numerical manufacturer ID should be at least 4
> bytes (two 16-bit words). The code required 5 bytes, which would break
> for most (if not all) cards. Reported by [EMAIL PROTECTED]
> case CISTPL_