On 24/05/2005 20:07, Pete Zaitcev wrote: > On Tue, 24 May 2005 13:21:27 +0100, Ian Abbott <[EMAIL PROTECTED]> wrote: > > >>+++ b/drivers/usb/serial/io_edgeport.c 2005-05-16 06:05:08 -07:00 >>@@ -2803,9 +2803,13 @@ >> static void unicode_to_ascii (char *string, short *unicode, int >>unicode_size) >> { >>+ if (unicode_size <= 0) >>+ return; >> string[unicode_size] = 0x00; > > >>This was backported from 2.6.10 and is apparently to work around a gcc >>-Os bug that generates incorrect code without this patch when the >>'unicode_size' parameter is negative, leading to an oops. [] > > > Ian, look closer please. Where do you think the NUL is assigned when > unicode_size is negative? The gcc is correct.
Oh yes, I see what you mean! >>The thing that's puzzling me is why does the workaround not bother >>null-terminating the string? > > Bug inside bugfix. Please see attached patch for 2.6. It might also apply to 2.4.31-pre2-bk4 with some fuzz, but I haven't tried it. -- -=( Ian Abbott @ MEV Ltd. E-mail: <[EMAIL PROTECTED]> )=- -=( Tel: +44 (0)161 477 1898 FAX: +44 (0)161 718 3587 )=-
io_edgeport: In unicode_to_ascii(), if unicode_size is negative, convert it to an empty, null-terminated ASCII string. Signed-off-by: Ian Abbott <[EMAIL PROTECTED]> diff -ur a/drivers/usb/serial/io_edgeport.c b/drivers/usb/serial/io_edgeport.c --- a/drivers/usb/serial/io_edgeport.c 2005-05-25 11:45:26.000000000 +0100 +++ b/drivers/usb/serial/io_edgeport.c 2005-05-25 11:47:25.000000000 +0100 @@ -2793,8 +2793,8 @@ { int i; - if (unicode_size <= 0) - return; + if (unicode_size < 0) + unicode_size = 0; for (i = 0; i < unicode_size; ++i) string[i] = (char)(le16_to_cpu(unicode[i]));