lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 7 Feb 2016 23:35:21 +0200 From: Tomas Winkler <tomas.winkler@...el.com> To: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Cc: Alexander Usyskin <alexander.usyskin@...el.com>, linux-kernel@...r.kernel.org, Tomas Winkler <tomas.winkler@...el.com> Subject: [char-misc-next 05/27] mei: amthif: don't copy from an empty buffer From: Alexander Usyskin <alexander.usyskin@...el.com> If empty message come from FW (buf_idx == 0) then the current code will still try to copy data from not filled buffer to the user-space, instead the code should behave the same as when end of a message has been reached, clean resources and return 0 Signed-off-by: Alexander Usyskin <alexander.usyskin@...el.com> Signed-off-by: Tomas Winkler <tomas.winkler@...el.com> --- drivers/misc/mei/amthif.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/misc/mei/amthif.c b/drivers/misc/mei/amthif.c index b753df98b476..c3f514027c80 100644 --- a/drivers/misc/mei/amthif.c +++ b/drivers/misc/mei/amthif.c @@ -185,7 +185,7 @@ int mei_amthif_read(struct mei_device *dev, struct file *file, /* if the whole message will fit remove it from the list */ if (cb->buf_idx >= *offset && length >= (cb->buf_idx - *offset)) list_del_init(&cb->list); - else if (cb->buf_idx > 0 && cb->buf_idx <= *offset) { + else if (cb->buf_idx <= *offset) { /* end of the message has been reached */ list_del_init(&cb->list); rets = 0; -- 2.4.3
Powered by blists - more mailing lists