Skip to main content

Browse the archive

https://github.com/torvalds/linux
27 March 2024, 02:37:15 UTC
Revision bbd562d717a84c6464211e8bd5efa0d9e25edc6d authored by Wim Van Sebroeck on 21 February 2011, 10:52:43 UTC, committed by Wim Van Sebroeck on 14 March 2011, 10:39:27 UTC 
watchdog: cpwd: Fix buffer-overflow
 
cppcheck-1.47 reports:
[drivers/watchdog/cpwd.c:650]: (error) Buffer access out-of-bounds: p.devs

The source code is
	for (i = 0; i < 4; i++) {
		misc_deregister(&p->devs[i].misc);

where devs is defined as WD_NUMDEVS big and WD_NUMDEVS is equal to 3.
So the 4 should be a 3 or WD_NUMDEVS.

Reported-By: David Binderman
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
1 parent c44ed96
Raw File
Tip revision: bbd562d717a84c6464211e8bd5efa0d9e25edc6d authored by Wim Van Sebroeck on 21 February 2011, 10:52:43 UTC
watchdog: cpwd: Fix buffer-overflow
Tip revision: bbd562d
makelst 
#!/bin/sh
# A script to dump mixed source code & assembly
# with correct relocations from System.map
# Requires the following lines in makefile:
#%.lst: %.c
#	$(CC) $(c_flags) -g -c -o $*.o $< &&
#	$(srctree)/scripts/makelst $*.o System.map $(OBJDUMP) > $@
#
# Copyright (C) 2000 IBM Corporation
# Author(s): DJ Barrow (djbarrow@de.ibm.com,barrow_dj@yahoo.com)
#            William Stearns <wstearns@pobox.com>
#

# awk style field access
field() {
  shift $1 ; echo $1
}

t1=`$3 --syms $1 | grep .text | grep -m1 " F "`
if [ -n "$t1" ]; then
  t2=`field 6 $t1`
  if [ ! -r $2 ]; then
    echo "No System.map" >&2
  else
    t3=`grep $t2 $2`
    t4=`field 1 $t3`
    t5=`field 1 $t1`
    t6=`printf "%lu" $((0x$t4 - 0x$t5))`
  fi
fi
$3 -r --source --adjust-vma=${t6:-0} $1
back to top