[PATCH] Overflow protection in do_io_probe()
Pavel Roskin
proski at gnu.org
Wed Jun 23 19:19:26 EDT 2004
Hello!
If I use something like "include port 0xf000-0xffff" in
/etc/pcmcia/config.opts, the kernel hangs while printing the excluded
ports on the console. It happens because "i" has type ioaddr_t and
overflows to 0 after it reaches 0xfff8.
The patch looks pretty ugly for my taste, but I cannot think of anything
else that would be as simple and reliable.
Note that "include port 0x0000-0xffff" still fails (but not hangs) for a
different reason. Maybe I'll debug it later.
--
Regards,
Pavel Roskin
-------------- next part --------------
--- linux.orig/drivers/pcmcia/rsrc_mgr.c
+++ linux/drivers/pcmcia/rsrc_mgr.c
@@ -251,6 +251,7 @@ static void do_io_probe(ioaddr_t base, i
if ((j == 8) && (++b[hole] > b[most]))
most = hole;
if (b[most] == 127) break;
+ if ((ioaddr_t)(i + 8) < i) break; /* overflow protection */
}
kfree(b);
@@ -274,6 +275,7 @@ static void do_io_probe(ioaddr_t base, i
bad = 0;
}
}
+ if ((ioaddr_t)(i + 8) < i) break; /* overflow protection */
}
if (bad) {
if ((num > 16) && (bad == base) && (i == base+num)) {
More information about the linux-pcmcia
mailing list