On 2013年04月23日 08:31, Benjamin Herrenschmidt wrote: > On Thu, 2013-04-18 at 12:45 +0800, Chen Gang wrote: >> Hello Maintainers: >> >> >> in arch/powerpc/kernel/lparcfg.c, parse_system_parameter_string() >> >> need set '\0' for 'local_buffer'. >> >> the reason is: >> SPLPAR_MAXLENGTH is 1026, RTAS_DATA_BUF_SIZE is 4096 >> the contents of rtas_data_buf may truncated in memcpy (line 301). >> >> if contents are truncated. >> the splpar_strlen is more than 1026 (line 321) >> the while loop checking will not find the end of buffer (line 326) >> it will cause memory access violation. >> >> >> I find it by reading code, so please help check. > > And a signed-off-by please ? >
ok, thanks, I should send the related patch. -- Chen Gang Asianux Corporation _______________________________________________ Linuxppc-dev mailing list Linuxppc-dev@lists.ozlabs.org https://lists.ozlabs.org/listinfo/linuxppc-dev
