Re: [CHECKER] 74 potential buffer overruns in 2.5.33

• Next message: Mark Mielke: "Re: [rfc] epoll interface change and glibc bits ..."
• Previous message: Andrew Morton: "the random driver"
• In reply to: Andy Chou: "[CHECKER] 74 potential buffer overruns in 2.5.33"
• Next in thread: Nikita Danilov: "Re: [CHECKER] 74 potential buffer overruns in 2.5.33"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Nov 19 2002, Andy Chou wrote:
> Here are 74 out-of-bounds array accesses in Linux 2.5.33 found by the

Ewwww, why so old??

> [BUG] Seems bad.
> /home/acc/linux/2.5.33/drivers/block/ll_rw_blk.c:556:blk_dump_rq_flags:
> ERROR:BUFFER:556:556:Array bounds error: rq_flags[12] indexed with [12]
>
> printk("%s: dev %02x:%02x: ", msg, major(rq->rq_dev),
> minor(rq->rq_dev));
> bit = 0;
> do {
> if (rq->flags & (1 << bit))
>
> Error --->
> printk("%s ", rq_flags[bit]);
> bit++;
> } while (bit < __REQ_NR_BITS);

This was due to someone adding and removing __REQ_* flags and not
changing blk_dump_rq_flags(). 2.5.48 has no such bug anymore, I fixed
this up long ago.

-- 
Jens Axboe
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

• Next message: Mark Mielke: "Re: [rfc] epoll interface change and glibc bits ..."
• Previous message: Andrew Morton: "the random driver"
• In reply to: Andy Chou: "[CHECKER] 74 potential buffer overruns in 2.5.33"
• Next in thread: Nikita Danilov: "Re: [CHECKER] 74 potential buffer overruns in 2.5.33"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sat Nov 23 2002 - 22:00:31 EST