[PATCH 12.5/62] firewire: add minor number range check tofw_device_init()

From: Tejun Heo
Date: Mon Feb 04 2013 - 11:57:44 EST

Next message: Alex Williamson: "Re: [PATCH v3 3/3] QEMU-AER: Qemu changes to support AER forVFIO-PCI devices"
Previous message: H. Peter Anvin: "Re: [PATCH 4/4] x86, 32-bit: Drop new_cpu_data"
In reply to: Stefan Richter: "Re: [PATCH 13/62] firewire: convert to idr_alloc()"
Next in thread: Stefan Richter: "Re: [PATCH 12.5/62] firewire: add minor number range check tofw_device_init()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

fw_device_init() didn't check whether the allocated minor number isn't
too large. Fail if it goes overflows MINORBITS.

Signed-off-by: Tejun Heo <tj@xxxxxxxxxx>
Suggested-by: Stefan Richter <stefanr@xxxxxxxxxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
---
drivers/firewire/core-device.c | 4 ++++
1 file changed, 4 insertions(+)

--- a/drivers/firewire/core-device.c
+++ b/drivers/firewire/core-device.c
@@ -1020,6 +1020,10 @@ static void fw_device_init(struct work_s
ret = idr_pre_get(&fw_device_idr, GFP_KERNEL) ?
idr_get_new(&fw_device_idr, device, &minor) :
-ENOMEM;
+ if (minor >= 1 << MINORBITS) {
+ idr_remove(&fw_device_idr, minor);
+ minor = -ENOSPC;
+ }
up_write(&fw_device_rwsem);

if (ret < 0)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alex Williamson: "Re: [PATCH v3 3/3] QEMU-AER: Qemu changes to support AER forVFIO-PCI devices"
Previous message: H. Peter Anvin: "Re: [PATCH 4/4] x86, 32-bit: Drop new_cpu_data"
In reply to: Stefan Richter: "Re: [PATCH 13/62] firewire: convert to idr_alloc()"
Next in thread: Stefan Richter: "Re: [PATCH 12.5/62] firewire: add minor number range check tofw_device_init()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]