[PATCH 2/2] cpqfc: fix for possible memory out of bounds bugzilla#243

Patch 2 of 2

This patch fixes the Bugzilla Bug#243. This fix is to solve the possible
memory
out of bounds in BigEndianSwap routine of cpqfcTSworker.c

Please consider this for inclusion

Signed-off-by: Ramanamurthy Saripalli <[email protected]>

 cpqfcTScontrol.c |    2 --
 cpqfcTSworker.c  |    3 +++
 2 files changed, 3 insertions(+), 2 deletions(-)
------------------------------------------------------------------------
-------
diff -burpN old/drivers/scsi/cpqfcTScontrol.c
new/drivers/scsi/cpqfcTScontrol.c
--- old/drivers/scsi/cpqfcTScontrol.c	2005-07-12 22:52:29.000000000
+0530
+++ new/drivers/scsi/cpqfcTScontrol.c	2005-07-19 00:33:29.385458328
+0530
@@ -606,7 +606,6 @@ static int PeekIMQEntry( PTACHYON fcChip
         if( (fcChip->IMQ->QEntry[CI].type & 0x1FF) == 0x104 )
         { 
           TachFCHDR_GCMND* fchs;
-#error This is too much stack
           ULONG ulFibreFrame[2048/4];  // max DWORDS in incoming FC
Frame
 	  USHORT SFQpi = (USHORT)(fcChip->IMQ->QEntry[CI].word[0] &
0x0fffL);
 
@@ -718,7 +717,6 @@ int CpqTsProcessIMQEntry(void *host)
   ULONG x_ID;
   ULONG ulBuff, dwStatus;
   TachFCHDR_GCMND* fchs;
-#error This is too much stack
   ULONG ulFibreFrame[2048/4];  // max number of DWORDS in incoming
Fibre Frame
   UCHAR ucInboundMessageType;  // Inbound CM, dword 3 "type" field
 
diff -burpN old/drivers/scsi/cpqfcTSworker.c
new/drivers/scsi/cpqfcTSworker.c
--- old/drivers/scsi/cpqfcTSworker.c	2005-07-12 22:52:29.000000000
+0530
+++ new/drivers/scsi/cpqfcTSworker.c	2005-07-19 00:33:32.245023608
+0530
@@ -4024,6 +4024,9 @@ void BigEndianSwap( UCHAR *source, UCHAR
   int i,j;
 
   source+=3;   // start at MSB of 1st ULONG
+
+  cnt -= (cnt % 4 );
+
   for( j=0; j < cnt; j+=4, source+=4, dest+=4)  // every ULONG
   {
     for( i=0; i<4; i++)  // every UCHAR in ULONG
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Prev by Date: [PATCH 1/2] cpqfc: fix for "Using too much stach" in 2.6 kernel
• Next by Date: Re: Obsolete files in 2.6 tree
• Previous by thread: [PATCH 1/2] cpqfc: fix for "Using too much stach" in 2.6 kernel
• Next by thread: [PATCH 1/3] cpqarray: support for SENSE_SURF_STATUS ioctl
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]