[ofw] [PATCH 13/?] Don't corrupt the stack
Fab Tillier
ftillier at microsoft.com
Mon Jun 18 20:08:14 PDT 2012
This patch fixes a bug in PD creation where the user-mode data for kernel callers is discarded, so the code references a dummy variable on the stack. Unfortunately, the dummy variable referenced goes out of scope before it is written. Oops.
Signed-off-by: Fab Tillier <ftillier at microsoft.com>
Index: hw/mlx4/kernel/hca/pd.c
===================================================================
--- hw/mlx4/kernel/hca/pd.c (revision 3414)
+++ hw/mlx4/kernel/hca/pd.c (working copy)
@@ -78,9 +78,8 @@
0, sizeof(p_resp->pdn));
}
else {
- u32 pdn;
- INIT_UDATA(&udata, NULL, &pdn,
- 0, sizeof(pdn));
+ // Discard PDN output, so use status as temp storage.
+ INIT_UDATA(&udata, NULL, &status, 0, sizeof(status));
}
}
else {
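Review bot: On the added INIT_UDATA line, reusing status as the discard buffer for the PDN couples the status variable to the output path. Whatever the callee writes there stays in status until it is reassigned, and the output length is now sizeof(status) rather than the sizeof of a u32, with the type of status not visible in this hunk. The lifetime problem would be fixed just as well by moving the "u32 pdn;" declaration up to function scope, so it outlives the call that consumes udata. That keeps the buffer size tied to the PDN type and leaves status untouched. If status is kept as the scratch buffer, the comment should state that status is always assigned before it is next read and that it is at least as large as the PDN.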
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 13.stack_corrupt.patch
Type: application/octet-stream
Size: 488 bytes
Desc: 13.stack_corrupt.patch
URL: <http://lists.openfabrics.org/pipermail/ofw/attachments/20120619/df304803/attachment.obj>