* Stefan Richter ([email protected]) wrote:
> I added a failure check in patch "sbp2: variable status FIFO address
> (fix login timeout)" --- alas for a wrong error value. This is a bug
> since Linux 2.6.16. Leads to NULL pointer dereference if the call
> failed, and bogus failure handling if call succeeded.
>
> Signed-off-by: Stefan Richter <[email protected]>
> ---
> applies to 2.6.17-rc5
> applies to 2.6.16.x after patch ''ohci1394, sbp2: fix "scsi_add_device
> failed" with PL-3507 based devices''
>
> Index: linux-2.6.17-rc5/drivers/ieee1394/sbp2.c
> ===================================================================
> --- linux-2.6.17-rc5.orig/drivers/ieee1394/sbp2.c 2006-06-03 01:52:54.000000000 +0200
> +++ linux-2.6.17-rc5/drivers/ieee1394/sbp2.c 2006-06-03 01:54:23.000000000 +0200
> @@ -845,7 +845,7 @@ static struct scsi_id_instance_data *sbp
> &sbp2_highlevel, ud->ne->host, &sbp2_ops,
> sizeof(struct sbp2_status_block), sizeof(quadlet_t),
> 0x010000000000ULL, CSR1212_ALL_SPACE_END);
> - if (!scsi_id->status_fifo_addr) {
> + if (scsi_id->status_fifo_addr == ~0ULL) {
> SBP2_ERR("failed to allocate status FIFO address range");
> goto failed_alloc;
> }
>
Is that enough?
failed_alloc:
sbp2_remove_device(scsi_id);
sbp2_remove_device(scsi_id)
if (scsi_id->status_fifo_addr)
hpsb_unregister_addrspace()
Suppose status_fifo_addr won't match any as->start.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
