Fix NULL pointer dereference in i2400m (rhbz 808603)
This commit is contained in:
Josh Boyer
parent
295a916d88
commit
77ab0813b6
|
|
@ -698,6 +698,9 @@ Patch21360: uvcvideo-Fix-race-induced-crash-in-uvc_video_clock_update.patch
|
|||
Patch21370: iwlegacy-do-not-nulify-il-vif-on-reset.patch
|
||||
Patch21371: iwlwifi-do-not-nulify-ctx-vif-on-reset.patch
|
||||
|
||||
#rhbz 808603
|
||||
Patch21380: wimax-i2400m-prevent-a-possible-kernel-bug-due-to-mi.patch
|
||||
|
||||
Patch21501: nfs-Fix-length-of-buffer-copied-in-__nfs4_get_acl_uncached.patch
|
||||
|
||||
#rhbz 808207 CVE-2012-1601
|
||||
|
|
@ -1300,6 +1303,9 @@ ApplyPatch iwlwifi-do-not-nulify-ctx-vif-on-reset.patch
|
|||
#rhbz 806433
|
||||
ApplyPatch uvcvideo-Fix-race-induced-crash-in-uvc_video_clock_update.patch
|
||||
|
||||
#rhbz 808603
|
||||
ApplyPatch wimax-i2400m-prevent-a-possible-kernel-bug-due-to-mi.patch
|
||||
|
||||
# END OF PATCH APPLICATIONS
|
||||
|
||||
%endif
|
||||
|
|
@ -1947,6 +1953,9 @@ fi
|
|||
# and build.
|
||||
|
||||
%changelog
|
||||
* Wed Apr 04 2012 Josh Boyer <jwboyer@redhat.com>
|
||||
- Fix NULL pointer dereference in i2400m (rhbz 808603)
|
||||
|
||||
* Tue Apr 03 2012 Josh Boyer <jwboyer@redhat.com>
|
||||
- Fix crash in uvc_video_clock_update from Laurent Pinchart (rhbz 806433)
|
||||
- iwl{wifi,legacy}: Fix warnings on remove interface from Stanislaw Gruszka
|
||||
|
|
|
|||
|
|
@ -0,0 +1,34 @@
|
|||
From 4eee6a3a04e8bb53fbe7de0f64d0524d3fbe3f80 Mon Sep 17 00:00:00 2001
|
||||
From: Phil Sutter <phil.sutter@viprinet.com>
|
||||
Date: Mon, 26 Mar 2012 09:01:30 +0000
|
||||
Subject: [PATCH] wimax: i2400m - prevent a possible kernel bug due to missing
|
||||
fw_name string
|
||||
|
||||
This happened on a machine with a custom hotplug script calling nameif,
|
||||
probably due to slow firmware loading. At the time nameif uses ethtool
|
||||
to gather interface information, i2400m->fw_name is zero and so a null
|
||||
pointer dereference occurs from within i2400m_get_drvinfo().
|
||||
|
||||
Signed-off-by: Phil Sutter <phil.sutter@viprinet.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
drivers/net/wimax/i2400m/netdev.c | 3 ++-
|
||||
1 files changed, 2 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/drivers/net/wimax/i2400m/netdev.c b/drivers/net/wimax/i2400m/netdev.c
|
||||
index 63e4b70..1d76ae8 100644
|
||||
--- a/drivers/net/wimax/i2400m/netdev.c
|
||||
+++ b/drivers/net/wimax/i2400m/netdev.c
|
||||
@@ -597,7 +597,8 @@ static void i2400m_get_drvinfo(struct net_device *net_dev,
|
||||
struct i2400m *i2400m = net_dev_to_i2400m(net_dev);
|
||||
|
||||
strncpy(info->driver, KBUILD_MODNAME, sizeof(info->driver) - 1);
|
||||
- strncpy(info->fw_version, i2400m->fw_name, sizeof(info->fw_version) - 1);
|
||||
+ strncpy(info->fw_version,
|
||||
+ i2400m->fw_name ? : "", sizeof(info->fw_version) - 1);
|
||||
if (net_dev->dev.parent)
|
||||
strncpy(info->bus_info, dev_name(net_dev->dev.parent),
|
||||
sizeof(info->bus_info) - 1);
|
||||
--
|
||||
1.7.7.6
|
||||
|
||||
Loading…
Reference in New Issue