subject:"\[PATCH upstream for stable 1\/8\] staging\: vt6656\: \[BUG\] out of bound array reference in RFbSetPower."

[PATCH upstream for stable 1/8] staging: vt6656: [BUG] out of bound array reference in RFbSetPower.

2012-12-27 Thread Malcolm Priestley


upstream commit 
ab1dd9963137a1e122004d5378a581bf16ae9bc8

Tested on kernels 2.6.35, 3.0, 3.2, 3.5 & 3.7

This upstream commit and the ones in patch 2 & 3 are critical for boot
dead lock on 64 bit systems, the remaining commits bring the driver up.

staging: vt6656: [BUG] out of bound array reference in RFbSetPower.

Calling RFbSetPower with uCH zero value will cause out of bound array reference.

This causes 64 bit kernels to oops on boot.

Note: Driver does not function on 64 bit kernels and should be
blacklisted on them.

Cc: sta...@kernel.org  # 2.6.35+
Signed-off-by: Malcolm Priestley 
Signed-off-by: Greg Kroah-Hartman 

diff --git a/drivers/staging/vt6656/rf.c b/drivers/staging/vt6656/rf.c
index 593cdc7..74c0598 100644
--- a/drivers/staging/vt6656/rf.c
+++ b/drivers/staging/vt6656/rf.c
@@ -769,6 +769,9 @@ BYTEbyPwr = pDevice->byCCKPwr;
 return TRUE;
 }
 
+   if (uCH == 0)
+   return -EINVAL;
+
 switch (uRATE) {
 case RATE_1M:
 case RATE_2M:




--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH upstream for stable 1/8] staging: vt6656: [BUG] out of bound array reference in RFbSetPower.

2012-12-27 Thread Ben Hutchings

On Thu, 2012-12-27 at 12:59 +, Malcolm Priestley wrote:
> upstream commit 
> ab1dd9963137a1e122004d5378a581bf16ae9bc8
> 
> Tested on kernels 2.6.35, 3.0, 3.2, 3.5 & 3.7
> 
> This upstream commit and the ones in patch 2 & 3 are critical for boot
> dead lock on 64 bit systems, the remaining commits bring the driver up.
> 
> staging: vt6656: [BUG] out of bound array reference in RFbSetPower.
> 
> Calling RFbSetPower with uCH zero value will cause out of bound array 
> reference.
> 
> This causes 64 bit kernels to oops on boot.
> 
> Note: Driver does not function on 64 bit kernels and should be
> blacklisted on them.
> 
> Cc: sta...@kernel.org  # 2.6.35+
> Signed-off-by: Malcolm Priestley 
> Signed-off-by: Greg Kroah-Hartman 
[...]

Queued up for 3.2, thanks.

Ben.

-- 
Ben Hutchings
The world is coming to an end.  Please log off.


signature.asc
Description: This is a digitally signed message part

[PATCH upstream for stable 1/8] staging: vt6656: [BUG] out of bound array reference in RFbSetPower.

Re: [PATCH upstream for stable 1/8] staging: vt6656: [BUG] out of bound array reference in RFbSetPower.

2 matches

Site Navigation

Mail list logo

Footer information