[PATCH] 2.6.16-rc3-mm1 - restore zeroing of packet_command struct in sr_ioctl.c


 



The 'git-scsi-misc' patch removed 2 calls to memset() to zero out
a struct packet_command before passing it to sr_do_ioctl().  This
causes sr_do_ioctl() to use the uninitialized 'sense' member as a
pointer, instead of allocating a new request_sense struct.  On my
system, this results in an Oops that kills off hald and others.

This patch restores the 2 memset calls.

Signed-off-by:  Lee Schermerhorn <[email protected]>

Index: linux-2.6.16-rc3-mm1/drivers/scsi/sr_ioctl.c
===================================================================
--- linux-2.6.16-rc3-mm1.orig/drivers/scsi/sr_ioctl.c	2006-02-15 13:06:08.000000000 -0500
+++ linux-2.6.16-rc3-mm1/drivers/scsi/sr_ioctl.c	2006-02-15 13:08:56.000000000 -0500
@@ -48,6 +48,7 @@ static int sr_read_tochdr(struct cdrom_d
 	if (!buffer)
 		return -ENOMEM;
 
+	memset(&cgc, 0, sizeof(struct packet_command));
 	cgc.timeout = IOCTL_TIMEOUT;
 	cgc.cmd[0] = GPCMD_READ_TOC_PMA_ATIP;
 	cgc.cmd[8] = 12;		/* LSB of length */
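
Review bot: the added memset() in sr_read_tochdr() sizes the clear with sizeof(struct packet_command) instead of sizeof(cgc); using sizeof(cgc) keeps the call tied to the variable if its type ever changes. Since this call was dropped once already, a one-line comment above it would help, saying that sr_do_ioctl() uses cgc.sense as a pointer when it is set and only allocates its own request_sense struct otherwise, so the struct must be zeroed before the fields below are filled in.
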
@@ -77,6 +78,7 @@ static int sr_read_tocentry(struct cdrom
 	if (!buffer)
 		return -ENOMEM;
 
+	memset(&cgc, 0, sizeof(struct packet_command));
 	cgc.timeout = IOCTL_TIMEOUT;
 	cgc.cmd[0] = GPCMD_READ_TOC_PMA_ATIP;
 	cgc.cmd[1] |= (tocentry->cdte_format == CDROM_MSF) ? 0x02 : 0;
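
Review bot: the context line 'cgc.cmd[1] |= (tocentry->cdte_format == CDROM_MSF) ? 0x02 : 0;' in sr_read_tocentry() is a read-modify-write, so it also depends on the restored memset(); without the zeroing it ORs the MSF bit into whatever was in cmd[1], which is a second effect beyond the 'sense' pointer the description mentions. Consider noting that in the changelog, or making this a plain assignment so the command byte does not rely on the earlier clear. As in the first hunk, sizeof(cgc) would be preferable to sizeof(struct packet_command).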

