| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <200706171340.04090.mb@bu3sch.de>
Date: Sun, 17 Jun 2007 13:40:03 +0200
From: Michael Buesch <mb@...sch.de>
To: John Linville <linville@...driver.com>,
Andrew Morton <akpm@...ux-foundation.org>
Cc: netdev@...r.kernel.org, Maximilian Engelhardt <maxi@...monizer.de>,
Gary Zambrano <zambrano@...adcom.com>
Subject: [PATCH] Fix stupid wol variable overflow bug
This bug was introduced by me.
val is 16bit, but the read value is 32bit.
Seems like I was smoking crack when porting that part of the driver.
I guess that's the last stupid bug in these 4 lines of code.
Signed-off-by: Michael Buesch <mb@...sch.de>
Index: bu3sch-wireless-dev/drivers/net/b44.c
===================================================================
--- bu3sch-wireless-dev.orig/drivers/net/b44.c 2007-06-16 19:56:41.000000000 +0200
+++ bu3sch-wireless-dev/drivers/net/b44.c 2007-06-17 13:35:23.000000000 +0200
@@ -1574,8 +1574,7 @@ static void b44_setup_wol_pci(struct b44
u16 val;
if (bp->sdev->bus->bustype != SSB_BUSTYPE_SSB) {
- val = br32(bp, SSB_TMSLOW);
- bw32(bp, SSB_TMSLOW, val | SSB_TMSLOW_PE);
+ bw32(bp, SSB_TMSLOW, br32(bp, SSB_TMSLOW) | SSB_TMSLOW_PE);
pci_read_config_word(bp->sdev->bus->host_pci, SSB_PMCSR, &val);
pci_write_config_word(bp->sdev->bus->host_pci, SSB_PMCSR, val | SSB_PE);
}
Please apply this to wireless-dev.
--
Greetings Michael.
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists