diff options
author | Julian Wiedmann <[email protected]> | 2018-05-02 08:48:43 +0200 |
---|---|---|
committer | Martin Schwidefsky <[email protected]> | 2018-05-15 07:40:36 +0200 |
commit | e521813468f786271a87e78e8644243bead48fad (patch) | |
tree | 553f2eef978d0dd921ae653d118fa22719dce281 /lib/test_fortify/write_overflow-strcpy.c | |
parent | 4bbaf2584b86b0772413edeac22ff448f36351b1 (diff) |
s390/qdio: fix access to uninitialized qdio_q fields
Ever since CQ/QAOB support was added, calling qdio_free() straight after
qdio_alloc() results in qdio_release_memory() accessing uninitialized
memory (ie. q->u.out.use_cq and q->u.out.aobs). Followed by a
kmem_cache_free() on the random AOB addresses.
For older kernels that don't have 6e30c549f6ca, the same applies if
qdio_establish() fails in the DEV_STATE_ONLINE check.
While initializing q->u.out.use_cq would be enough to fix this
particular bug, the more future-proof change is to just zero-alloc the
whole struct.
Fixes: 104ea556ee7f ("qdio: support asynchronous delivery of storage blocks")
Cc: <[email protected]> #v3.2+
Signed-off-by: Julian Wiedmann <[email protected]>
Signed-off-by: Martin Schwidefsky <[email protected]>
Diffstat (limited to 'lib/test_fortify/write_overflow-strcpy.c')
0 files changed, 0 insertions, 0 deletions