From: Geert Uytterhoeven <geert@linux-m68k.org>
To: Finn Thain <fthain@telegraphics.com.au>
Cc: Laurent Vivier <lvivier@redhat.com>, Jens Axboe <axboe@kernel.dk>,
linux-m68k <linux-m68k@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 06/12] block/swim: Fix array bounds check
Date: Mon, 9 Apr 2018 15:08:56 +0200 [thread overview]
Message-ID: <CAMuHMdXC3d84tJLsr=mZx20qsF6ddvmNMSFOCY-xHmzqDF3qhQ@mail.gmail.com> (raw)
In-Reply-To: <e5bd38c0bd81236e11fd391ec3339d3bdf3c29d5.1522546571.git.fthain@telegraphics.com.au>
Hi Finn,
On Sun, Apr 1, 2018 at 3:41 AM, Finn Thain <fthain@telegraphics.com.au> wrote:
> In the floppy_find() function in swim.c is a call to
> get_disk(swd->unit[drive].disk). The actual parameter to this call
> can be a NULL pointer when drive == swd->floppy_count. This causes
> an oops in get_disk().
>
> Data read fault at 0x00000198 in Super Data (pc=0x1be5b6)
[...]
> Fix the array index bounds check to avoid this.
>
> Fixes: 8852ecd97488 ("[PATCH] m68k: mac - Add SWIM floppy support")
> Cc: Laurent Vivier <lvivier@redhat.com>
> Cc: Jens Axboe <axboe@kernel.dk>
> Tested-by: Stan Johnson <userm57@yahoo.com>
> Signed-off-by: Finn Thain <fthain@telegraphics.com.au>
Reviewed-by: Geert Uytterhoeven <geert@linux-m68k.org>
Looks like amiflop.c:find_floppy() needs a check, too?
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
next prev parent reply other threads:[~2018-04-09 13:08 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-01 1:41 [PATCH 00/12] SWIM driver fixes Finn Thain
2018-04-01 1:41 ` [PATCH 04/12] m68k/mac: Place ISM IOP in bypass mode Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-01 1:41 ` [PATCH 02/12] m68k/mac: Fix SWIM memory resource end address Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-09 12:51 ` Geert Uytterhoeven
2018-04-01 1:41 ` [PATCH 03/12] m68k/mac: Don't remap SWIM MMIO region Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-09 12:54 ` Geert Uytterhoeven
2018-04-09 15:17 ` Luc Van Oostenryck
2018-04-10 1:35 ` Finn Thain
2018-04-10 2:38 ` Michael Schmitz
2018-04-01 1:41 ` [PATCH 01/12] m68k/mac: Revisit floppy disc controller base addresses Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-01 1:41 ` [PATCH 10/12] block/swim: Check drive type Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-01 1:41 ` [PATCH 11/12] block/swim: Fix IO error at end of medium Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-01 1:41 ` [PATCH 07/12] block/swim: Remove extra put_disk() call from error path Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-09 13:11 ` Geert Uytterhoeven
2018-04-01 1:41 ` [PATCH 12/12] block/swim: Select appropriate drive on device open Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-01 1:41 ` [PATCH 08/12] block/swim: Don't log an error message for an invalid ioctl Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-09 13:14 ` Geert Uytterhoeven
2018-04-10 1:27 ` Finn Thain
2018-04-01 1:41 ` [PATCH 09/12] block/swim: Rename macros to avoid inconsistent inverted logic Finn Thain
2018-04-01 1:41 ` Finn Thain
2018-04-01 1:41 ` [PATCH 05/12] block/swim: Use HEDSEL bit in ISM mode register Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-01 1:41 ` [PATCH 06/12] block/swim: Fix array bounds check Finn Thain
2018-04-05 1:33 ` Sasha Levin
2018-04-09 13:08 ` Geert Uytterhoeven [this message]
2018-04-10 1:10 ` Finn Thain
2018-04-03 19:07 ` [PATCH 00/12] SWIM driver fixes Laurent Vivier
2018-04-03 22:53 ` Finn Thain
2018-04-03 23:32 ` Jens Axboe
2018-04-03 23:33 ` Jens Axboe
2018-04-05 1:33 ` Sasha Levin
2018-04-05 6:30 ` Greg KH
2018-04-05 6:40 ` Sasha Levin
2018-04-05 6:51 ` Greg KH
2018-04-07 0:14 ` Finn Thain
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAMuHMdXC3d84tJLsr=mZx20qsF6ddvmNMSFOCY-xHmzqDF3qhQ@mail.gmail.com' \
--to=geert@linux-m68k.org \
--cc=axboe@kernel.dk \
--cc=fthain@telegraphics.com.au \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-m68k@vger.kernel.org \
--cc=lvivier@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.