powerpc/fsl-booke: read buffer overflow

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

cam[tlbcam_index] is checked before tlbcam_index < ARRAY_SIZE(cam)

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>

authored by

Roel Kluin and committed by

Benjamin Herrenschmidt 16 years ago 8dcd038a b6c316a1

+1 -1

1 changed file

expand all

arch

powerpc

fsl_booke_mmu.c

+1 -1

arch/powerpc/mm/fsl_booke_mmu.c

··· 161 161 unsigned long virt = PAGE_OFFSET; 162 162 phys_addr_t phys = memstart_addr; 163 163 164 - while (cam[tlbcam_index] && tlbcam_index < ARRAY_SIZE(cam)) { 164 + while (tlbcam_index < ARRAY_SIZE(cam) && cam[tlbcam_index]) { 165 165 settlbcam(tlbcam_index, virt, phys, cam[tlbcam_index], PAGE_KERNEL_X, 0); 166 166 virt += cam[tlbcam_index]; 167 167 phys += cam[tlbcam_index];