kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

pcmcia cis: on an out of range CIS read return 0xff, don't just warn

Browse source 
The current code displays warnings but then proceeds to try and reference
the data through the PCMCIA window. Instead return 0xff. This prevents bogus
CIS data sending us off into hyperspace.

Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Alan Cox 2014-12-10 15:06:10 +00:00 committed by Greg Kroah-Hartman
parent a6c6193a36
commit b38a4bd319
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
drivers/pcmcia/cistpl.c
View file

@ -168,9 +168,12 @@ int pcmcia_read_cis_mem(struct pcmcia_socket *s, int attr, u_int addr,
} else { } else {
u_int inc = 1, card_offset, flags; u_int inc = 1, card_offset, flags;
if (addr > CISTPL_MAX_CIS_SIZE) if (addr > CISTPL_MAX_CIS_SIZE) {
dev_dbg(&s->dev, dev_dbg(&s->dev,
"attempt to read CIS mem at addr %#x", addr); "attempt to read CIS mem at addr %#x", addr);
memset(ptr, 0xff, len);
return -1;
}
flags = MAP_ACTIVE | ((cis_width) ? MAP_16BIT : 0); flags = MAP_ACTIVE | ((cis_width) ? MAP_16BIT : 0);
if (attr) { if (attr) {