| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130526101551.GC1652@mithrandir>
Date: Sun, 26 May 2013 12:15:52 +0200
From: Thierry Reding <thierry.reding@...il.com>
To: Arto Merilainen <amerilainen@...dia.com>
Cc: airlied@...ux.ie, linux-tegra@...r.kernel.org,
tbergstrom@...dia.com, dri-devel@...ts.freedesktop.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/6] gpu: host1x: Fix memory access in syncpt request
On Fri, May 17, 2013 at 02:49:45PM +0300, Arto Merilainen wrote:
> This patch fixes a bad memory access in syncpoint request code. If
> no syncpoints were available, the code accessed unreserved memory
> area causing unexpected behaviour.
>
> Signed-off-by: Arto Merilainen <amerilainen@...dia.com>
> ---
> drivers/gpu/host1x/syncpt.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/host1x/syncpt.c b/drivers/gpu/host1x/syncpt.c
> index 5bf5366..6b7ee88 100644
> --- a/drivers/gpu/host1x/syncpt.c
> +++ b/drivers/gpu/host1x/syncpt.c
> @@ -40,7 +40,7 @@ static struct host1x_syncpt *_host1x_syncpt_alloc(struct host1x *host,
>
> for (i = 0; i < host->info->nb_pts && sp->name; i++, sp++)
> ;
> - if (sp->dev)
> + if (i >= host->info->nb_pts)
> return NULL;
While changing this, can you please add a blank line between the loop
and the new 'if (...)'?
Thierry
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists