[ofw] [Patch][ipoib][ipoib_NDIS6_CM] Fixing a bug when OID_GEN_NETWORK_LAYER_ADDRESSES contains bad data

Alex Naslednikov xalex at mellanox.co.il
Wed Aug 25 09:27:50 PDT 2010


We got this failure during the night regression run, it's hard to repro.
The other way is just send custom OID with bad data (in a case you want to validate the robustness of a new code) 

-----Original Message-----
From: Fab Tillier [mailto:ftillier at microsoft.com] 
Sent: Wednesday, August 25, 2010 7:26 PM
To: Alex Naslednikov; Hefty, Sean; ofw at lists.openfabrics.org
Subject: RE: [ofw] [Patch][ipoib][ipoib_NDIS6_CM] Fixing a bug when OID_GEN_NETWORK_LAYER_ADDRESSES contains bad data

What are the repro steps for this?

Thanks,
-Fab

Alex Naslednikov wrote on Tue, 24 Aug 2010 at 23:06:15

> Yes, we got to the same decision - the NETWORK_ADDRESS array contained 
> 5 6-bytes chunks instead of 5 14-bytes chunks. But anyway, this bug at 
> NDIS caused BSOD at ipoib (because of memory violation)
> 
> -----Original Message-----
> From: Hefty, Sean [mailto:sean.hefty at intel.com]
> Sent: Monday, August 23, 2010 7:16 PM
> To: Alex Naslednikov; ofw at lists.openfabrics.org
> Subject: RE: [ofw] [Patch][ipoib][ipoib_NDIS6_CM] Fixing a bug when 
> OID_GEN_NETWORK_LAYER_ADDRESSES contains bad data
> 
>> Fixing the bug when NDIS sends OID_GEN_NETWORK_LAYER_ADDRESSES with 
>> the list of new addresses with invalid formatting (happened when 
>> AddressCount
>> =5)
>> 
>> NDIS sends NETWORK_ADDRESS_LIST structure, which contains an array of 
>> NETWORK_ADDRESS structures of variable size.
>> The calculation of the next address offset is based on AddressLength; 
>> in a case when this field contains wrong data, one can get access 
>> violation error
> 
> This sounds like a bug in NDIS
> 
> _______________________________________________
> ofw mailing list
> ofw at lists.openfabrics.org
> http://lists.openfabrics.org/cgi-bin/mailman/listinfo/ofw



More information about the ofw mailing list