[openib-general] [PATCH applied] sdp_iocb memory corruption fix
Michael S. Tsirkin
mst at mellanox.co.il
Thu Dec 15 10:07:25 PST 2005
Fix thinko in sdp_copy_one_page: dont try to copy beyond the
page boundary.
Signed-off-by: Michael S. Tsirkin <mst at mellanox.co.il>
Index: linux-2.6.14/drivers/infiniband/ulp/sdp/sdp_iocb.c
===================================================================
--- linux-2.6.14.orig/drivers/infiniband/ulp/sdp/sdp_iocb.c 2005-12-15 22:33:02.000000000 +0200
+++ linux-2.6.14/drivers/infiniband/ulp/sdp/sdp_iocb.c 2005-12-15 22:34:01.000000000 +0200
@@ -43,8 +43,8 @@ static void sdp_copy_one_page(struct pag
unsigned long uaddr)
{
size_t size_left = iocb_addr + iocb_size - uaddr;
- size_t size = min(size_left, (size_t)PAGE_SIZE);
unsigned long offset = uaddr % PAGE_SIZE;
+ size_t size = min(size_left, (size_t)(PAGE_SIZE - offset));
unsigned long flags;
void* fptr;
--
MST
More information about the general
mailing list