[PATCH] powerpc/oprofile: fix potential buffer overrun in op_model_cell.c

Thu Jun 3 06:12:00 EST 2010

Denis:

I have reviewed the change and agree to it.  Thanks for catching that.

          Carl Love



                                                                           
             Denis Kirjanov                                                
             <dkirjanov at hera.k                                             
             ernel.org>                                                 To 
                                       arnd at arndb.de,                      
             06/01/2010 12:43          benh at kernel.crashing.org,           
             PM                        paulus at samba.org, jkosina at suse.cz   
                                                                        cc 
                                       linuxppc-dev at ozlabs.org,            
                                       oprofile-list at lists.sf.net          
                                                                   Subject 
                                       [PATCH] powerpc/oprofile: fix       
                                       potential buffer overrun in     
                                       op_model_cell.c                     
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           




Fix potential initial_lfsr buffer overrun.
Writing past the end of the buffer could happen when index == ENTRIES

Signed-off-by: Denis Kirjanov <dkirjanov at kernel.org>
---
 arch/powerpc/oprofile/op_model_cell.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/arch/powerpc/oprofile/op_model_cell.c
b/arch/powerpc/oprofile/op_model_cell.c
index 2c9e522..7fd90d0 100644
--- a/arch/powerpc/oprofile/op_model_cell.c
+++ b/arch/powerpc/oprofile/op_model_cell.c
@@ -1077,7 +1077,7 @@ static int calculate_lfsr(int n)
 		 		 index = ENTRIES-1;

 		 /* make sure index is valid */
-		 if ((index > ENTRIES) || (index < 0))
+		 if ((index >= ENTRIES) || (index < 0))
 		 		 index = ENTRIES-1;

 		 return initial_lfsr[index];

------------------------------------------------------------------------------


_______________________________________________
oprofile-list mailing list
oprofile-list at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/oprofile-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/linuxppc-dev/attachments/20100602/ec9618c1/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://lists.ozlabs.org/pipermail/linuxppc-dev/attachments/20100602/ec9618c1/attachment-0003.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pic11538.gif
Type: image/gif
Size: 1255 bytes
Desc: not available
URL: <http://lists.ozlabs.org/pipermail/linuxppc-dev/attachments/20100602/ec9618c1/attachment-0004.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ecblank.gif
Type: image/gif
Size: 45 bytes
Desc: not available
URL: <http://lists.ozlabs.org/pipermail/linuxppc-dev/attachments/20100602/ec9618c1/attachment-0005.gif>
