[PATCH-2.4] range checking for sleep states sent to /proc/acpi/sleep

Hi,

A range checking is missing in acpi_system_write_sleep() in kernel
2.4, and writing a large integer value to /proc/acpi/sleep will cause
an oops. I could reproduce one this way :

   # echo 0x800000 >/proc/acpi/sleep

Fix extracted from the PaX patch.

Cheers,
Willy

---

 drivers/acpi/system.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

3cae76269fd00aa352255d872c8f461472ef8b56
diff --git a/drivers/acpi/system.c b/drivers/acpi/system.c
index a1e018c..26f7b68 100644
--- a/drivers/acpi/system.c
+++ b/drivers/acpi/system.c
@@ -748,7 +748,7 @@ acpi_system_write_sleep (
 	
 	state = simple_strtoul(state_string, NULL, 0);
 	
-	if (!system->states[state])
+	if (state >= ACPI_S_STATE_COUNT || !system->states[state])
 		return_VALUE(-ENODEV);
 
 	/*
-- 
1.3.3

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Prev by Date: Re: [discuss] Re: [RFC] Whitelist chipsets supporting MSI and check Hyper-transport capabilitiesKJ
• Next by Date: Re: [patch -mm 20/20 RFC] chardev: GPIO for SCx200 & PC-8736x: add sysfs-GPIO interface
• Previous by thread: pci=assign-busses on Compaq R3440CA
• Next by thread: [RFC] suggestion [PATCH N/M] subject lines
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]