authorBjörn Bidar2022-06-24 20:03:01 +0300
committerBjörn Bidar2022-06-25 16:46:45 +0300
commit657059c03d46120dea746abb196d9d622e21fe5f (patch)
tree2ae07d28cd858ef0cda12e3c8af27932d06c0fbb /0020-ata-libata-core-fix-NULL-pointer-deref-in-ata_host_a.patch
parent034adcf2fd3311bba3f58b8575b0be699ab3bd70 (diff)
Update to 5.18.6.p2-1
- New upstream release based on 5.18.5 - Add MGLRU Zen patch - Add linux-5.18.6 patches - Move System.map from -headers into the base package to avoid external modules having wrong bpf symbols when running optimized builds. Fixes #5 - Remove M/m from CPUSUFFIXES_KBUILD and LCPU, fixes build failing when selecting an optimized build architecture that is not generic. Fixes #6. Signed-off-by: Björn Bidar <bjorn.bidar@thaodan.de>
Diffstat (limited to '0020-ata-libata-core-fix-NULL-pointer-deref-in-ata_host_a.patch')
-rw-r--r--0020-ata-libata-core-fix-NULL-pointer-deref-in-ata_host_a.patch46
1 files changed, 46 insertions, 0 deletions
diff --git a/0020-ata-libata-core-fix-NULL-pointer-deref-in-ata_host_a.patch b/0020-ata-libata-core-fix-NULL-pointer-deref-in-ata_host_a.patch
new file mode 100644
index 000000000000..0031463cf547
--- /dev/null
+++ b/0020-ata-libata-core-fix-NULL-pointer-deref-in-ata_host_a.patch
@@ -0,0 +1,46 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Sergey Shtylyov <s.shtylyov@omp.ru>
+Date: Sat, 21 May 2022 23:34:10 +0300
+Subject: [PATCH] ata: libata-core: fix NULL pointer deref in
+ ata_host_alloc_pinfo()
+
+[ Upstream commit bf476fe22aa1851bab4728e0c49025a6a0bea307 ]
+
+In an unlikely (and probably wrong?) case that the 'ppi' parameter of
+ata_host_alloc_pinfo() points to an array starting with a NULL pointer,
+there's going to be a kernel oops as the 'pi' local variable won't get
+reassigned from the initial value of NULL. Initialize 'pi' instead to
+'&ata_dummy_port_info' to fix the possible kernel oops for good...
+
+Found by Linux Verification Center (linuxtesting.org) with the SVACE static
+analysis tool.
+
+Signed-off-by: Sergey Shtylyov <s.shtylyov@omp.ru>
+Signed-off-by: Damien Le Moal <damien.lemoal@opensource.wdc.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/ata/libata-core.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c
+index 3d57fa84e2be84cc7cd4b2ed622b5a0abde4bb11..ea967182125898c317dcdcced64a6e67c64cd837 100644
+--- a/drivers/ata/libata-core.c
++++ b/drivers/ata/libata-core.c
+@@ -5506,7 +5506,7 @@ struct ata_host *ata_host_alloc_pinfo(struct device *dev,
+ const struct ata_port_info * const * ppi,
+ int n_ports)
+ {
+- const struct ata_port_info *pi;
++ const struct ata_port_info *pi = &ata_dummy_port_info;
+ struct ata_host *host;
+ int i, j;
+
+@@ -5514,7 +5514,7 @@ struct ata_host *ata_host_alloc_pinfo(struct device *dev,
+ if (!host)
+ return NULL;
+
+- for (i = 0, j = 0, pi = NULL; i < host->n_ports; i++) {
++ for (i = 0, j = 0; i < host->n_ports; i++) {
+ struct ata_port *ap = host->ports[i];
+
+ if (ppi[j])
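Review bot: The new initializer on the `pi` declaration in ata_host_alloc_pinfo() removes the oops, but a `ppi` array whose first entry is NULL now silently sets up ports from `ata_dummy_port_info`, which hides a case the patch description itself calls "probably wrong?". If that case is indeed a caller bug, a one-time diagnostic before the loop such as `WARN_ON_ONCE(!ppi[0]);` would keep the crash fix while making the misuse visible in logs. At minimum the declaration deserves a comment like `/* fall back to the dummy port info if ppi[0] is NULL */`. The loop body continues past the end of the hunk, so where `pi` is actually dereferenced is inferred from the description rather than seen here.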