[PATCH] ide: don't call memcpy with the same source and destination

From: Mikulas Patocka
Date: Fri Apr 14 2017 - 14:35:48 EST

Next message: fu . wei: "[PATCH v24 00/11] acpi, clocksource: add GTDT driver and GTDT support in arm_arch_timer"
Previous message: Thomas Gleixner: "Re: [PATCH 14/24] x86: Restrict MSR access when the kernel is locked down"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The parisc architecture recently reimplemented the memcpy function and
their reimplementation crashed when source and destination overlapped.

The crash happened in the function ide_complete_cmd where memcpy is called
with the same source and destination pointer. According to the C
specification, memcpy behavior is undefined if the source and destination
range overlaps. This patches fixes the undefined behavior.

Signed-off-by: Mikulas Patocka <mpatocka@xxxxxxxxxx>

---
drivers/ide/ide-io.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

Index: linux-4.11-rc6/drivers/ide/ide-io.c
===================================================================
--- linux-4.11-rc6.orig/drivers/ide/ide-io.c
+++ linux-4.11-rc6/drivers/ide/ide-io.c
@@ -107,7 +107,7 @@ void ide_complete_cmd(ide_drive_t *drive

if (cmd->tf_flags & IDE_TFLAG_DYN)
kfree(orig_cmd);
- else
+ else if (cmd != orig_cmd)
memcpy(orig_cmd, cmd, sizeof(*cmd));
}
}

Next message: fu . wei: "[PATCH v24 00/11] acpi, clocksource: add GTDT driver and GTDT support in arm_arch_timer"
Previous message: Thomas Gleixner: "Re: [PATCH 14/24] x86: Restrict MSR access when the kernel is locked down"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]