[PATCH] dmi: Prevent linked list corruption

From: Jean Delvare
Date: Mon Feb 11 2008 - 12:22:50 EST


Adding the same item to a given linked list more than once is guaranteed
to break and corrupt the list. This is however what we do in dmi_scan
since commit 79da4721117fcf188b4b007b775738a530f574da.

Given that there is absolutely no interest in saving empty OEM
strings anyway, I propose the simple and efficient fix below: we
discard the empty OEM strings altogether.

Signed-off-by: Jean Delvare <khali@xxxxxxxxxxxx>
Cc: Parag Warudkar <parag.warudkar@xxxxxxxxx>
Cc: Ingo Molnar <mingo@xxxxxxx>
Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
---
The empty OEM strings weren't even added with the correct entry type
(0 instead of DMI_DEV_TYPE_OEM_STRING.)

drivers/firmware/dmi_scan.c | 8 +-------
1 file changed, 1 insertion(+), 7 deletions(-)

--- linux-2.6.25-rc1.orig/drivers/firmware/dmi_scan.c 2008-02-11 16:15:10.000000000 +0100
+++ linux-2.6.25-rc1/drivers/firmware/dmi_scan.c 2008-02-11 18:03:27.000000000 +0100
@@ -217,10 +217,6 @@ static void __init dmi_save_devices(cons
}
}

-static struct dmi_device empty_oem_string_dev = {
- .name = dmi_empty_string,
-};
-
static void __init dmi_save_oem_strings_devices(const struct dmi_header *dm)
{
int i, count = *(u8 *)(dm + 1);
@@ -229,10 +225,8 @@ static void __init dmi_save_oem_strings_
for (i = 1; i <= count; i++) {
char *devname = dmi_string(dm, i);

- if (!strcmp(devname, dmi_empty_string)) {
- list_add(&empty_oem_string_dev.list, &dmi_devices);
+ if (!strcmp(devname, dmi_empty_string))
continue;
- }

dev = dmi_alloc(sizeof(*dev));
if (!dev) {

--
Jean Delvare
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/